Bug 1214066 (CVE-2023-39976)

Summary:	VUL-0: CVE-2023-39976: libqb: log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Cathy Hu <cathy.hu>
Component:	Incidents	Assignee:	Yan Gao <ygao>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	emil.penchev, gabriele.sonnu, rfrohl, security-team, stoyan.manolov, ygao, zzhou
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/374462/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-39976:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Found By:	Security Response Team	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Cathy Hu 2023-08-08 09:55:49 UTC

CVE-2023-39976

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log
messages because the header size is not considered.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39976
https://www.cve.org/CVERecord?id=CVE-2023-39976
https://github.com/ClusterLabs/libqb/commit/1bbaa929b77113532785c408dd1b41cd0521ffc8
https://github.com/ClusterLabs/libqb/compare/v2.0.7...v2.0.8
https://github.com/ClusterLabs/libqb/pull/490

Comment 1 Cathy Hu 2023-08-08 09:56:08 UTC

Affected:
- SUSE:SLE-12-SP2:Update/libqb        1.0.0
- SUSE:SLE-12-SP3:Update/libqb        1.0.3+20171226.6d62b64
- SUSE:SLE-15:Update/libqb            1.0.3+20171226.6d62b64
- SUSE:SLE-15-SP1:Update/libqb        1.0.3+20190326.a521604
- SUSE:SLE-15-SP3:Update/libqb        2.0.2+20201203.def947e
- SUSE:SLE-15-SP4:Update/libqb        2.0.4+20211112.a2691b9
- SUSE:SLE-15-SP5:Update/libqb        2.0.6+20220323.758044b
- SUSE:ALP:Source:Standard:1.0/libqb  2.0.7+20230607.06c8641

Not affected:
- openSUSE:Factory/libqb              2.0.8+20230721.002171b

Comment 8 Maintenance Automation 2023-09-22 12:30:11 UTC

SUSE-SU-2023:3728-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1214066
CVE References: CVE-2023-39976
Sources used:
openSUSE Leap 15.4 (src): libqb-1.0.3+20190326.a521604-150100.3.9.1
SUSE Linux Enterprise High Availability Extension 15 SP1 (src): libqb-1.0.3+20190326.a521604-150100.3.9.1
SUSE Linux Enterprise High Availability Extension 15 SP2 (src): libqb-1.0.3+20190326.a521604-150100.3.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 9 Maintenance Automation 2023-09-22 12:30:14 UTC

SUSE-SU-2023:3727-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1214066
CVE References: CVE-2023-39976
Sources used:
SUSE Linux Enterprise High Availability Extension 15 SP3 (src): libqb-2.0.2+20201203.def947e-150300.3.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 10 Maintenance Automation 2023-09-29 12:30:10 UTC

SUSE-SU-2023:3897-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1214066
CVE References: CVE-2023-39976
Sources used:
openSUSE Leap 15.5 (src): libqb-2.0.6+20220323.758044b-150500.3.3.1
Basesystem Module 15-SP5 (src): libqb-2.0.6+20220323.758044b-150500.3.3.1
SUSE Linux Enterprise High Availability Extension 15 SP5 (src): libqb-2.0.6+20220323.758044b-150500.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 11 Maintenance Automation 2023-10-03 20:30:47 UTC

SUSE-SU-2023:3944-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1214066
CVE References: CVE-2023-39976
Sources used:
openSUSE Leap 15.4 (src): libqb-2.0.4+20211112.a2691b9-150400.4.3.1
Basesystem Module 15-SP4 (src): libqb-2.0.4+20211112.a2691b9-150400.4.3.1
SUSE Linux Enterprise High Availability Extension 15 SP4 (src): libqb-2.0.4+20211112.a2691b9-150400.4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 12 Yan Gao 2023-10-04 12:04:31 UTC

(In reply to Hu from comment #1)
> Affected:
> - SUSE:SLE-12-SP2:Update/libqb        1.0.0
> - SUSE:SLE-12-SP3:Update/libqb        1.0.3+20171226.6d62b64
> - SUSE:SLE-15:Update/libqb            1.0.3+20171226.6d62b64

FYI, these versions are immune to this issue, since they don't even contain the commit that had introduced the issue in the first place:

https://github.com/ClusterLabs/libqb/commit/0ec02f9ac589e9e21e447f4406ec104ade01ef73

Comment 16 Robert Frohl 2024-05-23 08:32:35 UTC

done, closing