Bug 1219409 (CVE-2024-21646)

Summary: VUL-0: CVE-2024-21646: python-uamqp: integer overflow may cause remote code execution
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: John Paul Adrian Glaubitz <adrian.glaubitz>
Status: IN_PROGRESS --- QA Contact: Security Team bot <security-team>
Severity: Critical    
Priority: P3 - Medium CC: adrian.glaubitz, gianluca.gabrielli, kvanderveer, meissner
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/390407/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-21646:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-01-31 13:00:28 UTC 
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication.  When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution.  This vulnerability has been patched in release 2024-01-01.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21646
https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv
https://www.cve.org/CVERecord?id=CVE-2024-21646
Comment 2 John Paul Adrian Glaubitz 2024-02-01 11:39:54 UTC 
Updated packages have been submitted for:

 - SUSE:SLE-15-SP1:Update/python-uamqp
 - openSUSE:Factory/python-uamqp

Fixing the package in SUSE:SLE-12-SP1:Update will be a bit more difficult since the version found there is much older (1.2.12).
Comment 4 Maintenance Automation 2024-02-05 12:30:08 UTC 
SUSE-SU-2024:0323-1: An update that solves one vulnerability can now be installed.

Category: security (critical)
Bug References: 1219409
CVE References: CVE-2024-21646
Sources used:
openSUSE Leap 15.5 (src): python-uamqp-1.5.3-150100.4.10.1
Public Cloud Module 15-SP2 (src): python-uamqp-1.5.3-150100.4.10.1
Public Cloud Module 15-SP3 (src): python-uamqp-1.5.3-150100.4.10.1
Public Cloud Module 15-SP4 (src): python-uamqp-1.5.3-150100.4.10.1
Public Cloud Module 15-SP5 (src): python-uamqp-1.5.3-150100.4.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.