Bug 906077 (CVE-2013-6497)

Summary: VUL-0: CVE-2013-6497: clamav: Segmentation fault when processing certain files
Product: [Novell Products] SUSE Security Incidents
Reporter: Johannes Segitz <jsegitz>
Component: Incidents
Assignee: Reinhard Max <max>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/110838/
Whiteboard: maint:released:sle11-sp1:59794 maint:released:sle11-sp1:59798 maint:released:sle11-sp3:59796
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments:
Reproducer
Patch for the issue

Description Johannes Segitz 2014-11-19 09:32:23 UTC
clamav can crash when scanning certain files 

From http://seclists.org/oss-sec/2014/q4/673:
• Security fix for ClamAV crash when using 'clamscan -a'. This issue was
identified by Kurt Seifried of Red Hat.
• Security fix for ClamAV crash when scanning maliciously crafted yoda's
crypter files. This issue, as well as several other bugs fixed in this
release, were identified by Damien Millescamp of Oppida.

Fixed in 0.98.5. I'll try to get a reproducer

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1138101
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6497
http://seclists.org/oss-sec/2014/q4/673
Comment 1 Swamp Workflow Management 2014-11-19 09:57:53 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-12-03.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/59747
Comment 2 Reinhard Max 2014-11-19 10:20:29 UTC
(In reply to Johannes Segitz from comment #0)

> Fixed in 0.98.5. I'll try to get a reproducer

Could this be related to bug 898163?
Comment 3 Johannes Segitz 2014-11-19 10:44:45 UTC
(In reply to Reinhard Max from comment #2)
Don't think so. 898163 is fixed in 0.98.4, this is claimed to be fixed in 0.98.5. But there isn't a lot of detail, sorry.
Comment 4 Reinhard Max 2014-11-19 10:52:41 UTC
(In reply to Johannes Segitz from comment #3)
> 898163 is fixed in 0.98.4

I don't have a confirmation for that yet. I was just unable to reproduce it in my environment, which also included 0.98.4.
Comment 6 Johannes Segitz 2014-11-19 16:23:26 UTC
Created attachment 614226 [details]
Reproducer
Comment 7 Johannes Segitz 2014-11-19 16:23:45 UTC
Created attachment 614227 [details]
Patch for the issue
Comment 8 Reinhard Max 2014-11-19 16:53:10 UTC
Why the patch when we're updating to 0.98.5 anyway?
Comment 9 Swamp Workflow Management 2014-11-19 23:00:13 UTC
bugbot adjusting priority
Comment 10 Johannes Segitz 2014-11-20 09:03:43 UTC
(In reply to Reinhard Max from comment #8)
It serves as explanation for the issue. You don't have to use it.
Comment 12 Swamp Workflow Management 2014-12-05 09:05:31 UTC
openSUSE-SU-2014:1560-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
openSUSE 13.2 (src):    clamav-0.98.5-2.5.2
openSUSE 13.1 (src):    clamav-0.98.5-22.3
openSUSE 12.3 (src):    clamav-0.98.5-5.30.3
Comment 13 Marcus Meissner 2014-12-05 10:21:51 UTC
A SLE12 submission seems missing.
Comment 14 Swamp Workflow Management 2014-12-05 18:05:38 UTC
SUSE-SU-2014:1571-1: An update that solves two vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 899395,903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    clamav-0.98.5-0.5.1
Comment 15 Swamp Workflow Management 2014-12-05 20:05:35 UTC
SUSE-SU-2014:1574-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 11 SP3 (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    clamav-0.98.5-0.7.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    clamav-0.98.5-0.5.1
Comment 17 Swamp Workflow Management 2014-12-21 18:05:13 UTC
openSUSE-SU-2014:1679-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (important)
Bug References: 903489,904207,906077
CVE References: CVE-2013-6497
Sources used:
openSUSE Evergreen 11.4 (src):    clamav-0.98.5-37.1
Comment 18 Marcus Meissner 2015-01-12 09:42:05 UTC
released (well, excepting sle12 which will be released soon)
Comment 19 Swamp Workflow Management 2015-02-02 09:09:12 UTC
SUSE-SU-2015:0188-1: An update that solves two vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 903489,903719,904207,906077,906770,908731,914505
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 12 (src):    clamav-0.98.5-6.1
SUSE Linux Enterprise Desktop 12 (src):    clamav-0.98.5-6.1
Comment 20 Bernhard Wiedemann 2017-12-03 09:04:27 UTC
This is an autogenerated message for OBS integration:
This bug (906077) was mentioned in
https://build.opensuse.org/request/show/547654 15.0 / clamav