Bug 985712 (CVE-2015-8927) - VUL-1: CVE-2015-8927: bsdtar,libarchive: Heap out of bounds read when reading password for malformed ZIP
Summary: VUL-1: CVE-2015-8927: bsdtar,libarchive: Heap out of bounds read when reading...
Status: RESOLVED WONTFIX
Alias: CVE-2015-8927
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Adrian Schröter
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/170293/
Whiteboard: CVSSv2:SUSE:CVE-2015-8927:4.3:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-20 15:44 UTC by Marcus Meissner
Modified: 2016-09-01 10:20 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
pwcrash.zip (176 bytes, application/octet-stream)
2016-06-20 15:46 UTC, Marcus Meissner 		Details
eff35d4.patch (1.47 KB, patch)
2016-06-20 15:47 UTC, Marcus Meissner 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2016-06-20 15:44:55 UTC 
CVE-2015-8927

> https://github.com/libarchive/libarchive/issues/523
> Heap out of bounds read when reading password for malformed ZIP

Use CVE-2015-8927.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8927
http://seclists.org/oss-sec/2016/q2/566
Comment 1 Marcus Meissner 2016-06-20 15:46:50 UTC 
Created attachment 681388 [details]
pwcrash.zip

QA REPRODUCER:

bsdtar xf pwcrash.zip

x.txt: Encrypted file is unsupported
bsdtar: (null)
bsdtar: Error exit delayed from previous errors.


(we probably do not support password encrypted zips, so it does not reproduce on 13.2 at least)
Comment 2 Marcus Meissner 2016-06-20 15:47:45 UTC 
Created attachment 681389 [details]
eff35d4.patch

eff35d4 commit to fix
Comment 3 Swamp Workflow Management 2016-06-20 22:03:30 UTC 
bugbot adjusting priority
Comment 4 Adrian Schröter 2016-06-21 09:13:26 UTC 
version 3.1 and older is not affected by this. It is in new functionality of version 3.2.0