Bug 1211945 (CVE-2023-32665)

Summary: VUL-0: CVE-2023-32665: glib2: GVariant deserialisation does not match spec for non-normal data
Product: [Novell Products] SUSE Security Incidents Reporter: Carlos López <carlos.lopez>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: carlos.lopez, gnome-bugs, security-team, yfjiang
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/368199/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-32665:6.5:(AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Carlos López 2023-06-02 08:17:31 UTC 
CVE-2023-32665

GLib's GVariant deserialization prior to GLib 2.74.4 is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

References:
https://gitlab.gnome.org/GNOME/glib/-/issues/2121

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32665
https://bugzilla.redhat.com/show_bug.cgi?id=2211827
https://bugzilla.redhat.com/show_bug.cgi?id=2211832
Comment 1 Yifan Jiang 2023-06-05 03:28:44 UTC 
Hi Carlos, there seems to be a series of bugs related with glib2:

bsc#1211945
bsc#1211946
bsc#1211947
bsc#1211948
bsc#1211951

Some of them are related and dependent on each other. Since the changed code section seems not trivial, could you please confirm which version of SLE do we need the fixes?
Comment 3 Yifan Jiang 2023-08-01 02:08:55 UTC 
Thanks Carlos!

As I understood, the SLE-15:Update/glib2 is the only branch we'd consider backport and fix. Daike, could you help to take care of this one please, thank you.
Comment 8 Maintenance Automation 2023-09-05 16:30:23 UTC 
SUSE-SU-2023:3535-1: An update that solves six vulnerabilities can now be installed.

Category: security (important)
Bug References: 1183533, 1211945, 1211946, 1211947, 1211948, 1211951
CVE References: CVE-2021-28153, CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): glib2-2.54.3-150000.4.29.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): glib2-2.54.3-150000.4.29.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): glib2-2.54.3-150000.4.29.1
SUSE Enterprise Storage 6 (src): glib2-2.54.3-150000.4.29.1
SUSE CaaS Platform 4.0 (src): glib2-2.54.3-150000.4.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Carlos López 2024-02-22 14:38:35 UTC 
Done, closing.