Bug 985665 (CVE-2015-8932) - VUL-1: CVE-2015-8932: bsdtar,libarchive: compress handler left shifting larger than int size
Summary: VUL-1: CVE-2015-8932: bsdtar,libarchive: compress handler left shifting large...
Status: RESOLVED FIXED
Alias: CVE-2015-8932
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/170302/
Whiteboard: CVSSv2:SUSE:CVE-2015-8932:5.0:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-20 13:52 UTC by Marcus Meissner
Modified: 2019-05-22 01:05 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
libarchive-undefined-shiftleft.bin (2 bytes, application/octet-stream)
2016-06-20 13:53 UTC, Marcus Meissner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2016-06-20 13:52:17 UTC 
CVE-2015-8932

> https://github.com/libarchive/libarchive/issues/547
> Undefined behavior / invalid shiftleft in TAR parser

Use CVE-2015-8932.



References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8932
http://seclists.org/oss-sec/2016/q2/566
Comment 1 Marcus Meissner 2016-06-20 13:53:24 UTC 
Created attachment 681337 [details]
libarchive-undefined-shiftleft.bin

reproducer ... although not sure how to trigger it externally.
Comment 2 Swamp Workflow Management 2016-06-20 22:00:55 UTC 
bugbot adjusting priority
Comment 3 Marcus Meissner 2016-07-07 08:40:24 UTC 
QA REPRODUCER:

bsdtar -tf Downloads/libarchive-undefined-shiftleft.bin

 there is however no indication of how it fails or not.
Comment 4 Swamp Workflow Management 2016-07-29 12:09:36 UTC 
SUSE-SU-2016:1909-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835
CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libarchive-3.1.2-22.1
SUSE Linux Enterprise Server 12-SP1 (src):    libarchive-3.1.2-22.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    libarchive-3.1.2-22.1
Comment 5 Swamp Workflow Management 2016-08-11 15:14:09 UTC 
openSUSE-SU-2016:2036-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 984990,985609,985665,985669,985673,985675,985679,985682,985685,985688,985689,985697,985698,985700,985703,985704,985706,985826,985832,985835
CVE References: CVE-2015-8918,CVE-2015-8919,CVE-2015-8920,CVE-2015-8921,CVE-2015-8922,CVE-2015-8923,CVE-2015-8924,CVE-2015-8925,CVE-2015-8926,CVE-2015-8928,CVE-2015-8929,CVE-2015-8930,CVE-2015-8931,CVE-2015-8932,CVE-2015-8933,CVE-2015-8934,CVE-2016-4300,CVE-2016-4301,CVE-2016-4302,CVE-2016-4809
Sources used:
openSUSE Leap 42.1 (src):    libarchive-3.1.2-13.2
Comment 6 Adrian Schröter 2018-10-10 12:05:01 UTC 
SLE 11 does not need the fix (no filter functionality)

SLE 12 got fixed

SLE 15 is new enough
Comment 7 Johannes Segitz 2018-10-11 08:14:38 UTC 
(In reply to Adrian Schröter from comment #6)
thank you, closing