1141680 – (CVE-2019-1010305) VUL-1: CVE-2019-1010305: libmspack: buffer overflow in chmd_read_headers() in libmspack leads to information disclosure

Bug 1141680 (CVE-2019-1010305) - VUL-1: CVE-2019-1010305: libmspack: buffer overflow in chmd_read_headers() in libmspack leads to information disclosure

Summary: VUL-1: CVE-2019-1010305: libmspack: buffer overflow in chmd_read_headers() in...

Status:	RESOLVED FIXED

Alias:	CVE-2019-1010305

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/237189/
Whiteboard:	CVSSv3:SUSE:CVE-2019-1010305:2.5:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2019-07-16 15:23 UTC by Wolfgang Frisch
Modified:	2024-05-06 13:08 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Frisch 2019-07-16 15:23:18 UTC

CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information
Disclosure. The component is: function chmd_read_headers() in libmspack(file
libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially
crafted chm file. The fixed version is: after commit
2f084136cfe0d05e5bf5703f3e83c6d955234b4d.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010305
https://github.com/kyz/libmspack/issues/27
https://github.com/kyz/libmspack/commit/2f084136cfe0d05e5bf5703f3e83c6d955234b4d

Comment 4 Swamp Workflow Management 2020-05-27 22:20:16 UTC

SUSE-SU-2020:1493-1: An update that solves one vulnerability and has one errata is now available.

Category: security (low)
Bug References: 1130489,1141680
CVE References: CVE-2019-1010305
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    libmspack-0.6-3.8.19

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 5 Swamp Workflow Management 2020-05-31 10:14:31 UTC

openSUSE-SU-2020:0746-1: An update that solves one vulnerability and has one errata is now available.

Category: security (low)
Bug References: 1130489,1141680
CVE References: CVE-2019-1010305
Sources used:
openSUSE Leap 15.1 (src):    libmspack-0.6-lp151.4.3.1

Comment 6 Swamp Workflow Management 2020-09-22 19:19:25 UTC

SUSE-SU-2020:2711-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1113038,1113039,1130489,1141680
CVE References: CVE-2018-18584,CVE-2018-18585,CVE-2019-1010305
JIRA References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    libmspack-0.4-15.7.1
SUSE Linux Enterprise Server 12-SP5 (src):    libmspack-0.4-15.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 7 Thomas Leroy 2024-05-06 13:08:28 UTC

All done, closing.