Bug 1190150 (CVE-2021-33930) - VUL-0: CVE-2021-33930: libsolv: libsolv: heap-based buffer overflow in pool_installable_whatprovides() in src/repo.h
Summary: VUL-0: CVE-2021-33930: libsolv: libsolv: heap-based buffer overflow in pool_i...
Status: RESOLVED WORKSFORME
: CVE-2021-33938 CVE-2021-33928 CVE-2021-33929 (view as bug list)
Alias: CVE-2021-33930
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Michael Schröder
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/309025/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-33930:0.0:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-03 07:40 UTC by Robert Frohl
Modified: 2022-04-11 09:10 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2021-09-03 07:40:36 UTC 
rh#2000705

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Reference:
https://github.com/openSUSE/libsolv/issues/417

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2000705
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33930
https://github.com/openSUSE/libsolv/issues/417
Comment 1 Michael Schröder 2021-09-03 13:11:58 UTC 
This is a testcase reader bug. So very low priority.

Anyway, libsolv-0.6.37 we use in SLE-12 already contains this fix. So I think we can close this, right?
Comment 2 Michael Schröder 2021-10-08 12:39:26 UTC 
Closing...
Comment 3 Michael Schröder 2021-10-08 12:41:22 UTC 
*** Bug 1190149 has been marked as a duplicate of this bug. ***
Comment 4 Michael Schröder 2021-10-08 12:41:50 UTC 
*** Bug 1190148 has been marked as a duplicate of this bug. ***
Comment 5 Michael Schröder 2021-10-08 12:42:20 UTC 
*** Bug 1190147 has been marked as a duplicate of this bug. ***