Bugzilla – Bug 985682
VUL-1: CVE-2015-8921: bsdtar,libarchive: Global out of bounds read in mtree parser
Last modified: 2019-05-22 01:05:45 UTC
CVE-2015-8921 > https://github.com/libarchive/libarchive/issues/512 > Global out of bounds read in mtree parser Use CVE-2015-8921. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8921 http://seclists.org/oss-sec/2016/q2/566
Created attachment 681357 [details] invalid-read-overflow.mtree QA REPRODUCER: valgrind bsdtar xf invalid-read-overflow.mtree (did not reproduce for me though)
Created attachment 681358 [details] 1cbc76f.patch commit 1cbc76f
bugbot adjusting priority
do not see any difference before and after update before: ------- # valgrind bsdtar xf invalid-read-overflow.mtree ==7349== Memcheck, a memory error detector ==7349== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==7349== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==7349== Command: bsdtar xf invalid-read-overflow.mtree ==7349== bsdtar: Unrecognized archive format: Invalid or incomplete multibyte or wide character bsdtar: Error exit delayed from previous errors. ==7349== ==7349== HEAP SUMMARY: ==7349== in use at exit: 46 bytes in 2 blocks ==7349== total heap usage: 61 allocs, 59 frees, 91,443 bytes allocated ==7349== ==7349== LEAK SUMMARY: ==7349== definitely lost: 40 bytes in 1 blocks ==7349== indirectly lost: 6 bytes in 1 blocks ==7349== possibly lost: 0 bytes in 0 blocks ==7349== still reachable: 0 bytes in 0 blocks ==7349== suppressed: 0 bytes in 0 blocks ==7349== Rerun with --leak-check=full to see details of leaked memory ==7349== ==7349== For counts of detected and suppressed errors, rerun with: -v ==7349== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4) after: ------ # valgrind bsdtar xf invalid-read-overflow.mtree ==30338== Memcheck, a memory error detector ==30338== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==30338== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==30338== Command: bsdtar xf invalid-read-overflow.mtree ==30338== bsdtar: Unrecognized archive format: Invalid or incomplete multibyte or wide character bsdtar: Error exit delayed from previous errors. ==30338== ==30338== HEAP SUMMARY: ==30338== in use at exit: 46 bytes in 2 blocks ==30338== total heap usage: 61 allocs, 59 frees, 91,443 bytes allocated ==30338== ==30338== LEAK SUMMARY: ==30338== definitely lost: 40 bytes in 1 blocks ==30338== indirectly lost: 6 bytes in 1 blocks ==30338== possibly lost: 0 bytes in 0 blocks ==30338== still reachable: 0 bytes in 0 blocks ==30338== suppressed: 0 bytes in 0 blocks ==30338== Rerun with --leak-check=full to see details of leaked memory ==30338== ==30338== For counts of detected and suppressed errors, rerun with: -v ==30338== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4)
SUSE-SU-2016:1909-1: An update that fixes 20 vulnerabilities is now available. Category: security (important) Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835 CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libarchive-3.1.2-22.1 SUSE Linux Enterprise Server 12-SP1 (src): libarchive-3.1.2-22.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libarchive-3.1.2-22.1
SUSE-SU-2016:1939-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 920870,984990,985609,985669,985675,985682,985698 CVE References: CVE-2015-2304,CVE-2015-8918,CVE-2015-8920,CVE-2015-8921,CVE-2015-8924,CVE-2015-8929,CVE-2016-4809 Sources used: SUSE Studio Onsite 1.3 (src): bsdtar-2.5.5-9.1 SUSE OpenStack Cloud 5 (src): bsdtar-2.5.5-9.1 SUSE Manager Proxy 2.1 (src): bsdtar-2.5.5-9.1 SUSE Manager 2.1 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP4 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Server 11-SP2-LTSS (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): bsdtar-2.5.5-9.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): bsdtar-2.5.5-9.1
openSUSE-SU-2016:2036-1: An update that fixes 20 vulnerabilities is now available. Category: security (important) Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835 CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809 Sources used: openSUSE Leap 42.1 (src): libarchive-3.1.2-13.2
released