Bugzilla – Bug 1038837
VUL-0: CVE-2017-8911: tnef: integer underflow has been identified in the unicode_to_utf8() function
Last modified: 2017-11-25 23:36:52 UTC
Created attachment 724861
poc_CVE-2017-8911

Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-8911
====================================================
Description

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
====================================================
Hyperlink

[1] https://github.com/verdammelt/tnef/issues/23
[2] https://security-tracker.debian.org/tracker/CVE-2017-8911

(open-)SUSE: https://software.opensuse.org/package/tnef
1.4.9 (TW, official repo)
1.4.12 (42.{1,2}, official repo)

On Leap 42.2:
====================================================
k_mikhail@linux-mk500:~> tnef -f poc_CVE-2017-8911
Ошибка сегментирования (core dumped)

(gdb) bt
#0 mapi_attr_read (len=<optimized out>, buf=0x2125290 "8") at mapi_attr.c:308
#1 0x0000000000404635 in parse_file (input_file=input_file@entry=0x2125030, directory=directory@entry=0x0, body_filename=body_filename@entry=0x0, body_pref=body_pref@entry=0x2125010 "rht", flags=flags@entry=0) at tnef.c:301
#2 0x0000000000401648 in main (argc=3, argv=<optimized out>) at main.c:380
(gdb)
====================================================
you prepared the last submit, would you be willing to take this?
https://build.opensuse.org/request/show/542257
Maintainers please approve review https://build.opensuse.org/request/show/542257
done
openSUSE-SU-2017:3095-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1038837
CVE References: CVE-2017-8911
Sources used:
openSUSE Leap 42.3 (src): tnef-1.4.15-8.1
openSUSE Leap 42.2 (src): tnef-1.4.15-5.3.1