Bug 985609 (CVE-2015-8924) - VUL-0: CVE-2015-8924: bsdtar,libarchive: heap buffer read overflow in tar
Summary: VUL-0: CVE-2015-8924: bsdtar,libarchive: heap buffer read overflow in tar
Status: RESOLVED FIXED
Alias: CVE-2015-8924
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2016-07-15
Assignee: Adrian Schröter
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/170290/
Whiteboard: CVSSv2:SUSE:CVE-2015-8924:4.3:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-20 09:36 UTC by Marcus Meissner
Modified: 2019-05-22 01:05 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
tar-heap-overflow.tar (1.50 KB, application/octet-stream)
2016-06-20 09:38 UTC, Marcus Meissner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2016-06-20 09:36:34 UTC 
CVE-2015-8924

> https://github.com/libarchive/libarchive/issues/515
> Heap out of bounds read in TAR parser


http://seclists.org/oss-sec/2016/q2/566
Comment 1 Marcus Meissner 2016-06-20 09:38:33 UTC 
Created attachment 681305 [details]
tar-heap-overflow.tar

QA:

valgrind bsdtar tvf ~/Downloads/tar-heap-overflow.tar

==24058== Invalid read of size 4
==24058==    at 0x4E7D115: ??? (in /usr/lib64/libarchive.so.13.1.2)
==24058==    by 0x4E545DA: ??? (in /usr/lib64/libarchive.so.13.1.2)


the invalid read should not be reported.
Comment 2 Swamp Workflow Management 2016-06-20 22:00:24 UTC 
bugbot adjusting priority
Comment 3 Swamp Workflow Management 2016-07-08 04:28:09 UTC 
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-07-15.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62891
Comment 4 Swamp Workflow Management 2016-07-29 12:09:25 UTC 
SUSE-SU-2016:1909-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835
CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libarchive-3.1.2-22.1
SUSE Linux Enterprise Server 12-SP1 (src):    libarchive-3.1.2-22.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    libarchive-3.1.2-22.1
Comment 5 Swamp Workflow Management 2016-08-02 15:09:29 UTC 
SUSE-SU-2016:1939-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 920870,984990,985609,985669,985675,985682,985698
CVE References: CVE-2015-2304,CVE-2015-8918,CVE-2015-8920,CVE-2015-8921,CVE-2015-8924,CVE-2015-8929,CVE-2016-4809
Sources used:
SUSE Studio Onsite 1.3 (src):    bsdtar-2.5.5-9.1
SUSE OpenStack Cloud 5 (src):    bsdtar-2.5.5-9.1
SUSE Manager Proxy 2.1 (src):    bsdtar-2.5.5-9.1
SUSE Manager 2.1 (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Server 11-SP4 (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    bsdtar-2.5.5-9.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    bsdtar-2.5.5-9.1
Comment 6 Swamp Workflow Management 2016-08-11 15:13:59 UTC 
openSUSE-SU-2016:2036-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835
CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809
Sources used:
openSUSE Leap 42.1 (src):    libarchive-3.1.2-13.2
Comment 7 Marcus Meissner 2018-02-16 07:22:45 UTC 
released