Bug 1012823 (CVE-2016-9480)

Summary: VUL-1: CVE-2016-9480: libdwarf: heap buffer overflow in dwarf_util.c
Product: [openSUSE] openSUSE Distribution Reporter: Alexander Bergmann <abergmann>
Component: SecurityAssignee: Dirk Mueller <dmueller>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, karol
Version: Leap 42.2   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2016-11-30 14:07:42 UTC
rh#1399990

libdwarf allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component.

References:
DW201611-006
https://www.prevanders.net/dwarfbug.html

Upstream bug (currently private):
https://sourceforge.net/p/libdwarf/bugs/5/

Upstream patch:
https://sourceforge.net/p/libdwarf/code/ci/5dd64de047cd5ec479fb11fe7ff2692fd819e5e5/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1399990
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9480
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9480.html
http://www.cvedetails.com/cve/CVE-2016-9480/
https://www.prevanders.net/dwarfbug.html
https://sourceforge.net/p/libdwarf/code/ci/5dd64de047cd5ec479fb11fe7ff2692fd819e5e5/
https://sourceforge.net/p/libdwarf/bugs/5/
Comment 2 Swamp Workflow Management 2016-11-30 23:00:52 UTC
bugbot adjusting priority
Comment 3 Dirk Mueller 2017-01-02 14:16:42 UTC
do you really want me to only fix this bug out of the 20 pending CVEs for libdwarf? also this is not really used in any security relevant context in leap, why bother?
Comment 4 Bernhard Wiedemann 2017-01-02 15:00:48 UTC
This is an autogenerated message for OBS integration:
This bug (1012823) was mentioned in
https://build.opensuse.org/request/show/448518 Factory / libdwarf
Comment 5 Karol Babioch 2018-01-16 10:48:40 UTC
Fixed in Factory, not fixing in Leap.