Bug 957517 (CVE-2015-8367) - VUL-1: CVE-2015-8367: libraw: Memory objects are not initialized properly
Status: RESOLVED FIXED
Alias: CVE-2015-8367
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/159287/
Whiteboard: CVSSv2:RedHat:CVE-2015-8367:5.8:(AV:N...
Reported: 2015-12-02 10:14 UTC by Marcus Meissner
Modified: 2017-08-30 17:29 UTC
Found By: Security Response Team
Description Marcus Meissner 2015-12-02 10:14:02 UTC
From Red Hat Bugzilla and full-disclosure

It was found that the phase_one_correct function does not handle memory object’s initialization correctly, which may have unspecified impact.

The LibRaw raw image decoder <= 0.17 has multiple vulnerabilities that cause memory errors, which may cause code execution or other problems. The problems have been fixed in 0.17.1 (www.libraw.org/news/libraw-0-17-1).

Upstream patch:

https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1287076
http://seclists.org/fulldisclosure/2015/Nov/108
Comment 1 Swamp Workflow Management 2015-12-02 23:00:13 UTC
bugbot adjusting priority
Comment 2 Petr Gajdos 2015-12-03 14:26:15 UTC
No testcase found.

Packages submitted into 13.1, 13.2 and 12.
Comment 3 Bernhard Wiedemann 2015-12-03 15:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (957517) was mentioned in
https://build.opensuse.org/request/show/347317 13.1 / libraw
https://build.opensuse.org/request/show/347318 13.2 / libraw
Comment 5 Andreas Stieger 2015-12-13 08:55:13 UTC
Release update for 13.1 and 13.2
Comment 6 Swamp Workflow Management 2015-12-13 12:12:32 UTC
openSUSE-SU-2015:2256-1: An update that fixes one vulnerability is now available.

Category: security (low)
Bug References: 957517
CVE References: CVE-2015-8367
Sources used:
openSUSE 13.2 (src):    libraw-0.16.0-2.6.1
openSUSE 13.1 (src):    libraw-0.15.4-2.6.1
Comment 7 Marcus Meissner 2016-10-25 08:47:12 UTC
(dcraw has similar code, but does not leak memory nor needs return ... bug was introduced by libraw import of dcraw codebase)
Comment 8 Bernhard Wiedemann 2016-10-25 12:01:16 UTC
This is an autogenerated message for OBS integration:
This bug (957517) was mentioned in
https://build.opensuse.org/request/show/437263 42.1 / libraw
Comment 9 Swamp Workflow Management 2016-11-04 15:08:20 UTC
openSUSE-SU-2016:2729-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 957517
CVE References: CVE-2015-8367
Sources used:
openSUSE Leap 42.1 (src):    libraw-0.16.2-4.1
Comment 11 Johannes Segitz 2017-08-01 08:24:21 UTC
fixed
Comment 12 Swamp Workflow Management 2017-08-30 17:29:04 UTC
SUSE-SU-2017:2300-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1039209,1039210,1039379,1039380,930683,957517
CVE References: CVE-2015-3885,CVE-2015-8367,CVE-2017-6886,CVE-2017-6887,CVE-2017-6889,CVE-2017-6890,CVE-2017-6899
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    libraw-0.15.4-9.2
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    libraw-0.15.4-9.2
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libraw-0.15.4-9.2
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    libraw-0.15.4-9.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    libraw-0.15.4-9.2
SUSE Linux Enterprise Desktop 12-SP2 (src):    libraw-0.15.4-9.2