1207377 – (CVE-2022-45748) VUL-0: CVE-2022-45748: assimp: UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.

Bug 1207377 (CVE-2022-45748) - VUL-0: CVE-2022-45748: assimp: UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.

Summary: VUL-0: CVE-2022-45748: assimp: UaF in ColladaParser:ExtractDataObjectFromChan...

Status:	IN_PROGRESS

Alias:	CVE-2022-45748

Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Security (show other bugs)
Version:	Leap 15.5
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal (vote)
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/354449/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-01-23 07:58 UTC by Cathy Hu
Modified:	2024-02-15 13:25 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Cathy Hu 2023-01-23 07:58:18 UTC

CVE-2022-45748

An issue was discovered with assimp 5.1.4, a use after free occurred in function
ColladaParser::ExtractDataObjectFromChannel in file
/code/AssetLib/Collada/ColladaParser.cpp.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-45748
https://github.com/assimp/assimp/issues/4286
https://www.cve.org/CVERecord?id=CVE-2022-45748

Comment 1 Cathy Hu 2023-01-23 07:59:02 UTC

There is no fix yet currently.

We have these versions in opensuse:
- openSUSE:Backports:SLE-15-SP3/assimp  3.3.1
- openSUSE:Backports:SLE-15-SP4/assimp  5.1.3
- openSUSE:Factory/assimp               5.2.5

Comment 2 Christophe Marin 2023-08-28 13:03:07 UTC

(non-)update: still no fix upstream for this report and boo#1203187

Gentoo has patched their assimp build to exclude the collada module but I can't tell if it would break anything if I do the same thing.

Comment 3 Christophe Marin 2023-10-04 17:54:35 UTC

https://build.opensuse.org/request/show/1115677

Comment 4 OBSbugzilla Bot 2023-10-04 18:35:03 UTC

This is an autogenerated message for OBS integration:
This bug (1207377) was mentioned in
https://build.opensuse.org/request/show/1115678 Factory / assimp

Comment 6 OBSbugzilla Bot 2024-02-15 13:25:03 UTC

This is an autogenerated message for OBS integration:
This bug (1207377) was mentioned in
https://build.opensuse.org/request/show/1146832 Factory / assimp
https://build.opensuse.org/request/show/1146834 Backports:SLE-15-SP6 / assimp