991705 – (CVE-2016-2365) VUL-0: CVE-2016-2365: pidgin: MXIT Markup Command Denial of Service Vulnerability

Bug 991705 (CVE-2016-2365) - VUL-0: CVE-2016-2365: pidgin: MXIT Markup Command Denial of Service Vulnerability

Summary: VUL-0: CVE-2016-2365: pidgin: MXIT Markup Command Denial of Service Vulnerabi...

Status:	RESOLVED WONTFIX

Alias:	CVE-2016-2365

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Felix Zhang
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/170407/
Whiteboard:	CVSSv2:SUSE:CVE-2016-2365:4.3:(AV:N/A...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-08-02 13:12 UTC by Marcus Meissner
Modified:	2020-11-10 21:20 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2016-08-02 13:12:53 UTC

rh#1348858

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this vulnerability and cause a crash.

External references:

http://www.talosintel.com/reports/TALOS-2016-0133/
http://www.pidgin.im/news/security/?id=98

Upstream fix:

https://bitbucket.org/pidgin/main/commits/5fa3f2bc69d7

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1348858

Comment 1 Marcus Meissner 2016-08-02 13:14:10 UTC

both in sle11 and sle12

Comment 2 Marcus Meissner 2016-08-02 13:18:55 UTC

(actually the patch is not for this problem ... sigh )

Comment 3 Swamp Workflow Management 2016-08-02 22:02:00 UTC

bugbot adjusting priority

Comment 5 Marcus Meissner 2016-09-29 12:49:15 UTC

I looked around a bit, and the actual fix seems to be here:


https://bitbucket.org/pidgin/main/commits/2ba646d2f87902df4736c7f0ad8bfa3d89426d79

Comment 7 Felix Zhang 2018-06-11 13:44:32 UTC

With Mxit officially shut down its services in 2016 and pidgin dropped support to the protocol since 2.12. Efforts to backport the fix won't make much sense.
Discussed with Johannes and decided to close this as WONTFIX.