999685 – (CVE-2016-7416) VUL-0: CVE-2016-7416: php5, php7: Stack based buffer overflow in msgfmt_format_message

Bug 999685 (CVE-2016-7416) - VUL-0: CVE-2016-7416: php5, php7: Stack based buffer overflow in msgfmt_format_message

Summary: VUL-0: CVE-2016-7416: php5, php7: Stack based buffer overflow in msgfmt_forma...

Status:	RESOLVED FIXED

Alias:	CVE-2016-7416

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/172666/
Whiteboard:	maint:running:63038:important CVSSv2:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-09-19 14:19 UTC by Victor Pereira
Modified:	2017-09-20 06:35 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2016-09-19 14:19:13 UTC

rh#1377340

It was discovered that big locale string causes stack based overflow inside libicu.

PHP bug:

https://bugs.php.net/bug.php?id=73007

PHP patch:

https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1



References:
https://bugzilla.redhat.com/show_bug.cgi?id=1377340
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7416
http://seclists.org/oss-sec/2016/q3/518
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7416.html
http://www.cvedetails.com/cve/CVE-2016-7416/

Comment 1 Swamp Workflow Management 2016-09-19 22:02:25 UTC

bugbot adjusting priority

Comment 2 Bernhard Wiedemann 2016-09-23 10:01:33 UTC

This is an autogenerated message for OBS integration:
This bug (999685) was mentioned in
https://build.opensuse.org/request/show/429748 13.2 / php5
https://build.opensuse.org/request/show/429753 13.2 / php5

Comment 4 Petr Gajdos 2016-09-23 11:16:07 UTC

I believe all fixed.

Comment 7 Swamp Workflow Management 2016-10-04 14:11:09 UTC

openSUSE-SU-2016:2444-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
openSUSE 13.2 (src):    php5-5.6.1-78.1

Comment 8 Swamp Workflow Management 2016-10-05 16:14:25 UTC

SUSE-SU-2016:2459-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 997206,997207,997208,997210,997211,997220,997225,997230,997257,999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7124,CVE-2016-7125,CVE-2016-7126,CVE-2016-7127,CVE-2016-7128,CVE-2016-7129,CVE-2016-7130,CVE-2016-7131,CVE-2016-7132,CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE OpenStack Cloud 5 (src):    php53-5.3.17-84.1
SUSE Manager Proxy 2.1 (src):    php53-5.3.17-84.1
SUSE Manager 2.1 (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Server 11-SP4 (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    php53-5.3.17-84.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    php53-5.3.17-84.1

Comment 9 Swamp Workflow Management 2016-10-05 19:13:16 UTC

SUSE-SU-2016:2460-1: An update that solves 29 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1001950,987580,988032,991422,991424,991426,991427,991428,991429,991430,991434,991437,995512,997206,997207,997208,997210,997211,997220,997225,997230,997247,997248,997257,999313,999679,999680,999684,999685,999819,999820
CVE References: CVE-2016-4473,CVE-2016-5399,CVE-2016-6128,CVE-2016-6161,CVE-2016-6207,CVE-2016-6289,CVE-2016-6290,CVE-2016-6291,CVE-2016-6292,CVE-2016-6295,CVE-2016-6296,CVE-2016-6297,CVE-2016-7124,CVE-2016-7125,CVE-2016-7126,CVE-2016-7127,CVE-2016-7128,CVE-2016-7129,CVE-2016-7130,CVE-2016-7131,CVE-2016-7132,CVE-2016-7133,CVE-2016-7134,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    php7-7.0.7-15.1
SUSE Linux Enterprise Module for Web Scripting 12 (src):    php7-7.0.7-15.1

Comment 10 Swamp Workflow Management 2016-10-05 23:09:13 UTC

SUSE-SU-2016:2461-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    php53-5.3.17-58.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    php53-5.3.17-58.1

Comment 11 Swamp Workflow Management 2016-10-07 19:13:32 UTC

SUSE-SU-2016:2477-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    php5-5.5.14-78.1
SUSE Linux Enterprise Module for Web Scripting 12 (src):    php5-5.5.14-78.1

Comment 12 Swamp Workflow Management 2016-10-14 14:12:21 UTC

openSUSE-SU-2016:2540-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
openSUSE Leap 42.1 (src):    php5-5.5.14-62.1

Comment 13 Marcus Meissner 2016-10-31 08:46:14 UTC

released

Comment 14 Swamp Workflow Management 2016-11-01 15:08:05 UTC

SUSE-SU-2016:2477-2: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 999679,999680,999682,999684,999685,999819,999820
CVE References: CVE-2016-7411,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src):    php5-5.5.14-78.1

Comment 15 Swamp Workflow Management 2016-11-01 15:26:17 UTC

SUSE-SU-2016:2460-2: An update that solves 29 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1001950,987580,988032,991422,991424,991426,991427,991428,991429,991430,991434,991437,995512,997206,997207,997208,997210,997211,997220,997225,997230,997247,997248,997257,999313,999679,999680,999684,999685,999819,999820
CVE References: CVE-2016-4473,CVE-2016-5399,CVE-2016-6128,CVE-2016-6161,CVE-2016-6207,CVE-2016-6289,CVE-2016-6290,CVE-2016-6291,CVE-2016-6292,CVE-2016-6295,CVE-2016-6296,CVE-2016-6297,CVE-2016-7124,CVE-2016-7125,CVE-2016-7126,CVE-2016-7127,CVE-2016-7128,CVE-2016-7129,CVE-2016-7130,CVE-2016-7131,CVE-2016-7132,CVE-2016-7133,CVE-2016-7134,CVE-2016-7412,CVE-2016-7413,CVE-2016-7414,CVE-2016-7416,CVE-2016-7417,CVE-2016-7418
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src):    php7-7.0.7-15.1