979822 – (CVE-2016-2334) VUL-0: CVE-2016-2334: p7zip: HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Bug 979822 (CVE-2016-2334) - VUL-0: CVE-2016-2334: p7zip: HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Summary: VUL-0: CVE-2016-2334: p7zip: HFS+ NArchive::NHfs::CHandler::ExtractZlibFile C...

Status:	RESOLVED FIXED

Alias:	CVE-2016-2334

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	x86-64 Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv2:RedHat:CVE-2016-2334:4.0:(AV:N...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-05-12 23:56 UTC by Mikhail Kasimov
Modified:	2016-06-16 14:47 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mikhail Kasimov 2016-05-12 23:56:27 UTC

CVE-2016-2334: 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Described on: http://www.talosintel.com/reports/TALOS-2016-0093/
=====
Tested Versions

7-Zip [32] 15.05 beta
7-Zip [64] 9.20
           ^^^^^^-- is in all openSUSE version, including Tumbleweed. (http://software.opensuse.org/package/p7zip)

Comment 1 Swamp Workflow Management 2016-05-13 22:00:16 UTC

bugbot adjusting priority

Comment 2 Kristyna Streitova 2016-05-16 13:47:44 UTC

Fixed in 7-Zip 16.00 (2016-05-10)

Patch:
https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/#1dba

(In reply to Mikhail Kasimov from comment #0)
> 7-Zip [64] 9.20
>            ^^^^^^-- is in all openSUSE version, including Tumbleweed.

Please note that we have version 15.14.1 in Tumbleweed [1]. 

The fix is already on the way to Factory [2].


[1] https://build.opensuse.org/package/show/openSUSE:Factory/p7zip
[2] https://build.opensuse.org/request/show/395152

Comment 5 Marcus Meissner 2016-05-24 13:05:00 UTC

Code is apparently not in the SLE12 codebase 9.20.1, nor in other files of this source.

So 9.20.1 seems not affected.

Comment 6 Kristyna Streitova 2016-05-24 15:16:27 UTC

Thanks. All done then.

|     Codestream     | Version | Affected | Request # |
|--------------------|---------|----------|-----------|
| SUSE:SLE-12:Update | 9.20.1  | no       | -         |
| openSUSE:13.2      | 9.20.1  | no       | -         |
| openSUSE:Leap:42.1 | 9.20.1  | no       | -         |
| openSUSE:Factory   | 15.14.1 | yes      | #395152   |

Reassigning to the security team.

Comment 7 Marcus Meissner 2016-06-16 14:47:55 UTC

released