Bug 1047442 - (CVE-2017-10929) [devel:tools]: CVE-2017-10929: The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P5 - None, Severity: Normal
Assigned To: Security Team bot
https://smash.suse.de/issue/187862/
Reported: 2017-07-06 06:43 UTC by Marcus Meissner
Modified: 2017-07-06 10:35 UTC
Found By: Security Response Team
Description Marcus Meissner 2017-07-06 06:43:11 UTC
CVE-2017-10929

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows
remote attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a crafted
binary file, possibly related to a read overflow in the
grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10929
https://github.com/radare/radare2/issues/7855
https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85
Comment 1 Daniel Molkentin 2017-07-06 10:01:37 UTC
Fixed in sr#508478. Please review & accept. Reassigning to security team.
Comment 2 Marcus Meissner 2017-07-06 10:35:01 UTC
accepted