1082216 – (CVE-2018-6913) VUL-0: CVE-2018-6913: perl: heap buffer overflow bug

Bug 1082216 (CVE-2018-6913) - VUL-0: CVE-2018-6913: perl: heap buffer overflow bug

Summary: VUL-0: CVE-2018-6913: perl: heap buffer overflow bug

Status:	RESOLVED FIXED
Duplicates (1):	1224040 (view as bug list)

Alias:	CVE-2018-6913

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Michael Schröder
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/200608/
Whiteboard:	CVSSv3.1:SUSE:CVE-2018-6913:7.5:(AV:N...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2018-02-22 07:10 UTC by Karol Babioch
Modified:	2024-07-25 14:23 UTC (History)
CC List:	8 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Upstream patches (20.00 KB, application/x-tar) 2018-03-20 07:25 UTC, Johannes Segitz	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Karol Babioch 2018-02-22 07:10:56 UTC

* CVE-2018-6913

This is a heap buffer overflow bug, reported by GwanYeong Kim and
fixed by Tony Cook. This is Tony's technical description:

    > The issues here could result in an exploit in code that accepts
either large blocks of data from untrusted sources and/or duplicates
such blocks.
    > The supplied case is a compile-time failure while constant
folding, but the same issue could be triggered during runtime with
attacker supplied data.
    > Such code is already subject to denial-of-service attacks (the
code can be made to allocate large amounts of memory, as it does on
64-bit systems), but this expands such an attack to a malloced buffer
overflow, which is more serious.

The following patch can be applied to 5.27 and 5.26 (development and
latest stable):

  - 0001-perl-131844-fix-various-space-calculation-issues-in-.patch.

This patch can also be applied to 5.26, not just 5.27.x.

The following can be applied to 5.24:

  - 0001-perl-131844-5.24-fix-various-space-calculation-issue.patch

Comment 5 Johannes Segitz 2018-02-26 13:39:28 UTC

CRD: 2018-03-15

Comment 9 Johannes Segitz 2018-03-20 07:25:52 UTC

Created attachment 764188 [details]
Upstream patches

CRD: 2018-04-14

From: Sawyer X
* I've attached two patches to replace the original patches in the
series for CVE-2018-6913.
* The 5.24 named patch is against maint-5.24 (our maintenance branch
for 5.24), the blead patch is against 5.26 or blead (our development
branch).

Comment 10 Johannes Segitz 2018-04-17 06:09:48 UTC

public

Comment 11 Swamp Workflow Management 2018-04-18 10:15:01 UTC

SUSE-SU-2018:0976-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1082216,1082233
CVE References: CVE-2018-6798,CVE-2018-6913
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    perl-5.10.0-64.81.10.1
SUSE Linux Enterprise Server 11-SP4 (src):    perl-5.10.0-64.81.10.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    perl-5.10.0-64.81.10.1

Comment 12 Swamp Workflow Management 2018-04-25 16:11:16 UTC

SUSE-SU-2018:1074-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1082216,1082233,1082234
CVE References: CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    perl-5.18.2-12.11.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    perl-5.18.2-12.11.1
SUSE CaaS Platform ALL (src):    perl-5.18.2-12.11.1
OpenStack Cloud Magnum Orchestration 7 (src):    perl-5.18.2-12.11.1

Comment 13 Swamp Workflow Management 2018-04-26 22:09:56 UTC

openSUSE-SU-2018:1095-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1082216,1082233,1082234
CVE References: CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Sources used:
openSUSE Leap 42.3 (src):    perl-5.18.2-12.1

Comment 16 Swamp Workflow Management 2018-07-17 10:13:45 UTC

SUSE-SU-2018:1972-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1068565,1082216,1082233,1082234,1096718
CVE References: CVE-2018-12015,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Sources used:
SUSE OpenStack Cloud 7 (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server 12-SP3 (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Server 12-LTSS (src):    perl-5.18.2-12.14.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    perl-5.18.2-12.14.1
SUSE Enterprise Storage 4 (src):    perl-5.18.2-12.14.1
SUSE CaaS Platform ALL (src):    perl-5.18.2-12.14.1
OpenStack Cloud Magnum Orchestration 7 (src):    perl-5.18.2-12.14.1

Comment 17 Swamp Workflow Management 2018-08-20 13:07:59 UTC

SUSE-SU-2018:2447-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1068565,1082216,1082233,1082234,1096718
CVE References: CVE-2018-12015,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Sources used:
SUSE CaaS Platform 3.0 (src):    perl-5.18.2-12.17.1

Comment 18 Swamp Workflow Management 2018-10-18 16:20:31 UTC

SUSE-SU-2018:1972-2: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1068565,1082216,1082233,1082234,1096718
CVE References: CVE-2018-12015,CVE-2018-6797,CVE-2018-6798,CVE-2018-6913
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    perl-5.18.2-12.14.1

Comment 28 Ali Abdallah 2024-05-09 06:26:27 UTC

*** Bug 1224040 has been marked as a duplicate of this bug. ***

Comment 30 Maintenance Automation 2024-05-14 08:30:03 UTC

SUSE-SU-2024:1630-1: An update that solves four vulnerabilities can now be installed.

Category: security (important)
Bug References: 1047178, 1082216, 1082233, 1210999
CVE References: CVE-2017-6512, CVE-2018-6798, CVE-2018-6913, CVE-2023-31484
Maintenance Incident: [SUSE:Maintenance:33799](https://smelt.suse.de/incident/33799/)
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src):
 perl-5.26.1-150000.7.18.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src):
 perl-5.26.1-150000.7.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src):
 perl-5.26.1-150000.7.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Maintenance Automation 2024-05-22 16:30:15 UTC

SUSE-SU-2024:1762-1: An update that solves two vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1082216, 1082233, 1213638
CVE References: CVE-2018-6798, CVE-2018-6913
Maintenance Incident: [SUSE:Maintenance:33798](https://smelt.suse.de/incident/33798/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Manager Proxy 4.3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Manager Retail Branch Server 4.3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Manager Server 4.3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Enterprise Storage 7.1 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro 5.1 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro 5.2 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src):
 perl-5.26.1-150300.17.17.1
openSUSE Leap 15.3 (src):
 perl-5.26.1-150300.17.17.1
openSUSE Leap Micro 5.3 (src):
 perl-5.26.1-150300.17.17.1
openSUSE Leap Micro 5.4 (src):
 perl-5.26.1-150300.17.17.1
openSUSE Leap 15.5 (src):
 perl-5.26.1-150300.17.17.1
openSUSE Leap 15.6 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro 5.3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro 5.4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Micro 5.5 (src):
 perl-5.26.1-150300.17.17.1
Basesystem Module 15-SP5 (src):
 perl-5.26.1-150300.17.17.1
Basesystem Module 15-SP6 (src):
 perl-5.26.1-150300.17.17.1
Development Tools Module 15-SP5 (src):
 perl-5.26.1-150300.17.17.1
Development Tools Module 15-SP6 (src):
 perl-5.26.1-150300.17.17.1
SUSE Package Hub 15 15-SP5 (src):
 perl-5.26.1-150300.17.17.1
SUSE Package Hub 15 15-SP6 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src):
 perl-5.26.1-150300.17.17.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src):
 perl-5.26.1-150300.17.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.