Bugzilla – Bug 985698
VUL-1: CVE-2015-8918: bsdtar,libarchive: Overlapping memcpy in CAB parser
Last modified: 2019-05-22 01:06:14 UTC
CVE-2015-8918 > https://github.com/libarchive/libarchive/issues/506 > Overlapping memcpy in CAB parser Use CVE-2015-8918. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8918 http://seclists.org/oss-sec/2016/q2/566
Created attachment 681370 [details] memcpy.cab QA REPRODUCER: valgrind bsdtar xf memcpy.cab should report errors
Created attachment 681372 [details] b6ba560.patch commit b6ba560
bugbot adjusting priority
do not see any difference before and after update before: ------- # valgrind bsdtar xf memcpy.cab ==7435== Memcheck, a memory error detector ==7435== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==7435== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==7435== Command: bsdtar xf memcpy.cab ==7435== bsdtar: Unrecognized archive format: Invalid or incomplete multibyte or wide character bsdtar: Error exit delayed from previous errors. ==7435== ==7435== HEAP SUMMARY: ==7435== in use at exit: 46 bytes in 2 blocks ==7435== total heap usage: 61 allocs, 59 frees, 91,426 bytes allocated ==7435== ==7435== LEAK SUMMARY: ==7435== definitely lost: 40 bytes in 1 blocks ==7435== indirectly lost: 6 bytes in 1 blocks ==7435== possibly lost: 0 bytes in 0 blocks ==7435== still reachable: 0 bytes in 0 blocks ==7435== suppressed: 0 bytes in 0 blocks ==7435== Rerun with --leak-check=full to see details of leaked memory ==7435== ==7435== For counts of detected and suppressed errors, rerun with: -v ==7435== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4) after: ------ # valgrind bsdtar xf memcpy.cab ==31751== Memcheck, a memory error detector ==31751== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==31751== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==31751== Command: bsdtar xf memcpy.cab ==31751== bsdtar: Unrecognized archive format: Invalid or incomplete multibyte or wide character bsdtar: Error exit delayed from previous errors. ==31751== ==31751== HEAP SUMMARY: ==31751== in use at exit: 46 bytes in 2 blocks ==31751== total heap usage: 61 allocs, 59 frees, 91,426 bytes allocated ==31751== ==31751== LEAK SUMMARY: ==31751== definitely lost: 40 bytes in 1 blocks ==31751== indirectly lost: 6 bytes in 1 blocks ==31751== possibly lost: 0 bytes in 0 blocks ==31751== still reachable: 0 bytes in 0 blocks ==31751== suppressed: 0 bytes in 0 blocks ==31751== Rerun with --leak-check=full to see details of leaked memory ==31751== ==31751== For counts of detected and suppressed errors, rerun with: -v ==31751== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4)
SUSE-SU-2016:1909-1: An update that fixes 20 vulnerabilities is now available. Category: security (important) Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835 CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libarchive-3.1.2-22.1 SUSE Linux Enterprise Server 12-SP1 (src): libarchive-3.1.2-22.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libarchive-3.1.2-22.1
SUSE-SU-2016:1939-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 920870,984990,985609,985669,985675,985682,985698 CVE References: CVE-2015-2304,CVE-2015-8918,CVE-2015-8920,CVE-2015-8921,CVE-2015-8924,CVE-2015-8929,CVE-2016-4809 Sources used: SUSE Studio Onsite 1.3 (src): bsdtar-2.5.5-9.1 SUSE OpenStack Cloud 5 (src): bsdtar-2.5.5-9.1 SUSE Manager Proxy 2.1 (src): bsdtar-2.5.5-9.1 SUSE Manager 2.1 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP4 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP2-LTSS (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): bsdtar-2.5.5-9.1
openSUSE-SU-2016:2036-1: An update that fixes 20 vulnerabilities is now available. Category: security (important) Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835 CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809 Sources used: openSUSE Leap 42.1 (src): libarchive-3.1.2-13.2
released