Bug 1217032

Summary: VUL-0: scamper: TCP packet parsing buffer overflow via large TCP fast open cookie
Product: [openSUSE] openSUSE Tumbleweed Reporter: Carlos López <carlos.lopez>
Component: SecurityAssignee: Sebastian Wagner <sebix+novell.com>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: dmueller, sebix+novell.com
Version: Current   
Target Milestone: Current   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Carlos López 2023-11-10 15:40:50 UTC 
[scamper-announce] scamper-cvs-20230614d
Matthew Luckie mjl at luckie.org.nz
Mon Oct 9 10:37:01 PDT 2023
Previous message (by thread): [scamper-announce] scamper-cvs-20230614c
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
https://www.caida.org/catalog/software/scamper/code/scamper-cvs-20230614d.tar.gz

SHA256 (scamper-cvs-20230614d.tar.gz) = 54423b64a0b68aafa903d9260c2bff5c16f3cca44997e0e830d17296f6f03a59
SIZE (scamper-cvs-20230614d.tar.gz) = 2214467

scamper:
* fix buffer overflow when parsing TCP packets where the sender
  includes a TCP fast open cookie larger than 16 bytes.

References:
https://mailman.caida.org/pipermail/scamper-announce/2023-October/000037.html
Comment 1 Sebastian Wagner 2023-11-10 15:49:26 UTC 
The package is not in Leap, "only" in network:utilities and Factory/TW.
Comment 2 Carlos López 2023-11-10 15:51:44 UTC 
(In reply to Sebastian Wagner from comment #1)
> The package is not in Leap, "only" in network:utilities and Factory/TW.

It's also in:
 - openSUSE:Backports:SLE-15-SP4
 - openSUSE:Backports:SLE-15-SP5
 - openSUSE:Backports:SLE-15-SP6

Which means it's in Leap
Comment 3 Sebastian Wagner 2023-11-10 15:52:27 UTC 
Okay, https://software.opensuse.org/package/scamper doesn't show that.
Comment 4 Carlos López 2023-11-10 15:56:34 UTC 
(In reply to Sebastian Wagner from comment #3)
> Okay, https://software.opensuse.org/package/scamper doesn't show that.

They show up under "Unsupported distributions", not sure why though. In my Leap 15.4 system:

$ sudo zypper se --details scamper
Loading repository data...
Reading installed packages...

S | Name                 | Type    | Version              | Arch   | Repository
--+----------------------+---------+----------------------+--------+-------------------
  | libscamperfile-devel | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | libscamperfile-devel | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
  | libscamperfile0      | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | libscamperfile0      | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
  | scamper              | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | scamper              | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
Comment 5 OBSbugzilla Bot 2023-11-10 17:25:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1217032) was mentioned in
https://build.opensuse.org/request/show/1125095 Factory / scamper