985694 – (CVE-2015-8916) VUL-1: CVE-2015-8916: bsdtar,libarchive: Null pointer access in RAR parser

Bug 985694 (CVE-2015-8916) - VUL-1: CVE-2015-8916: bsdtar,libarchive: Null pointer access in RAR parser

Summary: VUL-1: CVE-2015-8916: bsdtar,libarchive: Null pointer access in RAR parser

Status:	RESOLVED WONTFIX

Alias:	CVE-2015-8916

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assignee:	Adrian Schröter
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/170298/
Whiteboard:	CVSSv2:SUSE:CVE-2015-8916:4.3:(AV:N/A...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-06-20 15:02 UTC by Marcus Meissner
Modified:	2020-11-10 21:19 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
crash.rar (121 bytes, application/octet-stream) 2016-06-20 15:04 UTC, Marcus Meissner	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2016-06-20 15:02:58 UTC

CVE-2015-8916

> https://github.com/libarchive/libarchive/issues/504
> Null pointer access in RAR parser

Use CVE-2015-8916.

There is not a second ID for the "it assumes this is a multivolume
archive" discussion in the
https://github.com/libarchive/libarchive/issues/504#issuecomment-198683221
comment.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8916
http://seclists.org/oss-sec/2016/q2/566

Comment 1 Marcus Meissner 2016-06-20 15:04:15 UTC

Created attachment 681366 [details]
crash.rar

QA REPRODUCER:

bsdtar xf crash.rar 
Speicherzugriffsfehler

should not crash afterwards

Comment 2 Marcus Meissner 2016-06-20 15:08:45 UTC

(unclear what the patch fixing this is)

Comment 3 Swamp Workflow Management 2016-06-20 22:02:29 UTC

bugbot adjusting priority

Comment 7 Andreas Stieger 2016-07-14 13:41:21 UTC

I removed the patch, changelog reference and patchinfo note form the incident.

Comment 9 jun wang 2016-11-24 09:32:34 UTC

(In reply to Marcus Meissner from comment #1)
> Created attachment 681366 [details]
> crash.rar
> 
> QA REPRODUCER:
> 
> bsdtar xf crash.rar 
> Speicherzugriffsfehler
> 
> should not crash afterwards

I am testing this bug.
This update ID is SUSE:Maintenance:3431:124534.
But it was NOT fixed on SLE12SP1 and SLE12SP2.

# bsdtar xf crash.rar 
Segmentation fault (core dumped)

Please check it.

Comment 11 Marcus Meissner 2016-11-24 09:56:43 UTC

I have removed the bug/cve from SUSE:Maintenance:3431, testing can proceed without this.

Comment 12 jun wang 2016-11-24 10:01:00 UTC

(In reply to Marcus Meissner from comment #11)
> I have removed the bug/cve from SUSE:Maintenance:3431, testing can proceed
> without this.

OK, Thank you

Comment 13 Johannes Segitz 2018-10-11 08:08:38 UTC

SUSE will not provide a fix for this issue since the risk to our customers posed by this is negligible.