Bugzilla – Bug 1046998
VUL-0: CVE-2017-10791: pspp: Integer overflow in the hash_int library
Last modified: 2017-08-10 01:12:14 UTC
There is an integer overflow in the hash_int function of the libpspp library in
GNU PSPP 0.10.5-pre2. For example, a crash was observed within the library code
when attempting to convert invalid SPSS data into CSV format. A crafted input
will lead to a remote denial of service attack.
Created attachment 734462
Patch from Fedora, extracted from https://kojipkgs.fedoraproject.org//packages/pspp/0.10.2/5.fc26/src/pspp-0.10.2-5.fc26.src.rpm
I can still reproduce the bug in pspp 0.10.2 even with this upstream patch.
Also, I can reproduce it with the latest upstream pspp 0.10.5pre2, which already has this patch.
It showed a lot of warnings, thus I suggested it did not work.
But the patches indeed work! Submitting:
https://build.opensuse.org/request/show/513103 for Leap 42.2
https://build.opensuse.org/request/show/513104 for Leap 42.3
release for Leap, done
openSUSE-SU-2017:2123-1: An update that fixes two vulnerabilities is now available.
Category: security (moderate)
Bug References: 1046997,1046998
CVE References: CVE-2017-10791,CVE-2017-10792
openSUSE Leap 42.3 (src): pspp-0.10.2-5.1
openSUSE Leap 42.2 (src): pspp-0.10.2-2.3.1