First Last Prev Next    This bug is not in your last search results.
Bug 1064716 - (CVE-2017-13090) VUL-0: CVE-2017-13090: wget: Missing check for negative remaining_chunk_size in fd_read_body causes heap buffer overflow
(CVE-2017-13090)
VUL-0: CVE-2017-13090: wget: Missing check for negative remaining_chunk_size ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/194012/
CVSSv3:SUSE:CVE-2017-13090:8.8:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-23 15:33 UTC by Johannes Segitz
Modified: 2017-11-21 08:12 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-10-23 15:33:26 UTC 
Created attachment 745523 [details]
Upstream patch

From: NCSC-FI Vulnerability Co-ordination

 * [PATCH 2/2] Fix heap overflow in HTTP protocol handling (CVE-2017-13090)

Both vulnerabilities have RCE potential and they are quite simple to
exploit.

We were contacted by the researchers and agreed to handle the
publication of the patches for the GNU Wget project.
Comment 1 Johannes Segitz 2017-10-23 15:33:41 UTC 
CRD: 2017-10-26 12:00 +0000

>= SLE 12 affected
Comment 2 Josef Möllers 2017-10-24 07:53:23 UTC 
https://build.suse.de/request/show/144681
Comment 3 Johannes Segitz 2017-10-24 08:34:16 UTC 
CRD: 2017-10-26 15:00 +0000
Comment 4 Johannes Segitz 2017-10-27 06:32:57 UTC 
public
Comment 5 Swamp Workflow Management 2017-10-27 16:53:54 UTC 
SUSE-SU-2017:2871-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1064715,1064716
CVE References: CVE-2017-13089,CVE-2017-13090
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    wget-1.14-21.3.1
Comment 6 Bernhard Wiedemann 2017-10-27 18:01:53 UTC 
This is an autogenerated message for OBS integration:
This bug (1064716) was mentioned in
https://build.opensuse.org/request/show/537227 Factory / wget
Comment 7 Andreas Stieger 2017-10-27 18:45:55 UTC 
Release for Leap, submitted to Factory. Closing.
Comment 8 Swamp Workflow Management 2017-10-27 22:14:34 UTC 
openSUSE-SU-2017:2884-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1064715,1064716
CVE References: CVE-2017-13089,CVE-2017-13090
Sources used:
openSUSE Leap 42.3 (src):    wget-1.14-12.1
openSUSE Leap 42.2 (src):    wget-1.14-8.6.1
Comment 9 Swamp Workflow Management 2017-11-16 14:09:14 UTC 
SUSE-SU-2017:2871-2: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1064715,1064716
CVE References: CVE-2017-13089,CVE-2017-13090
Sources used:
SUSE OpenStack Cloud 6 (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Server 12-SP3 (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Server 12-SP2 (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Server 12-LTSS (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    wget-1.14-21.3.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    wget-1.14-21.3.1
Comment 10 Tristan Ye 2017-11-21 04:24:38 UTC 
Dear all, will this vulnerability affect SLES 11SP1?
Comment 11 Andreas Stieger 2017-11-21 08:12:57 UTC 
(In reply to Tristan Ye from comment #10)
> Dear all, will this vulnerability affect SLES 11SP1?

https://www.suse.com/de-de/security/cve/CVE-2017-13090/

No
First Last Prev Next    This bug is not in your last search results.