Bug 1084602 - (CVE-2018-7889) VUL-0: CVE-2018-7889: calibre: Calls cPickle.load on imported bookmark/meta data, which allows remote attackers to execute arbitrary code
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Component: Security
Version: Leap 42.3
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Major
Target Milestone: ---
Assigned To: Juergen Weigert
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/201513/
Whiteboard: CVSSv3:RedHat:CVE-2018-7889:5.3:(AV:...
Depends on:
Blocks:
Reported: 2018-03-09 07:11 UTC by Johannes Segitz
Modified: 2018-03-09 23:30 UTC
CC: 2 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Johannes Segitz 2018-03-09 07:11:25 UTC
CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported
bookmark data, which allows remote attackers to execute arbitrary code via a
crafted .pickle file, as demonstrated by Python code that contains an os.system
call.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7889
http://www.cvedetails.com/cve/CVE-2018-7889/
https://github.com/kovidgoyal/calibre/commit/aeb5b036a0bf657951756688b3c72bd68b6e4a7d
https://bugs.launchpad.net/calibre/+bug/1753870
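The unsafe-deserialization pattern the description names, beside a hardened loader that refuses every global reference, as an added example (not calibre's code; calibre's own fix is the linked commit). It is written for Python 3, where cPickle is simply pickle, and the bookmark record shape is an assumption.

```python
import io
import pickle

# Constructed sample: the kind of plain-data bookmark record a viewer might
# persist.  The field names are assumed, not taken from calibre.
SAMPLE_BOOKMARKS = [
    {"title": "Chapter 3", "pos": "epubcfi(/6/8!/4/2/1:0)", "type": "cfi"},
]


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global reference.

    Plain data (lists, dicts, strings, numbers) needs no globals, so a
    bookmark file built only from those loads normally.  A stream that
    names a module attribute (the way a crafted pickle reaches os.system)
    is rejected before anything in it can run.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            f"global {module}.{name} is forbidden in bookmark data")


def load_bookmarks_unsafe(data: bytes):
    # The vulnerable pattern from the report: the stream decides which
    # callables get resolved and invoked.
    return pickle.loads(data)


def load_bookmarks_safe(data: bytes):
    # Hardened loader: same file format, but no global can be resolved.
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo():
    benign = pickle.dumps(SAMPLE_BOOKMARKS)
    # A pickle that merely references a global (the harmless builtin `len`)
    # is enough to show the difference between the two loaders.
    global_ref = pickle.dumps(len)
    results = {
        "benign_unsafe": load_bookmarks_unsafe(benign),
        "benign_safe": load_bookmarks_safe(benign),
        "global_unsafe": load_bookmarks_unsafe(global_ref) is len,
    }
    try:
        load_bookmarks_safe(global_ref)
        results["global_safe"] = "loaded"
    except pickle.UnpicklingError:
        results["global_safe"] = "rejected"
    return results
```

Rejecting globals removes the code-execution path but not the format's other hazards, so a plain-data format such as JSON for imported bookmarks is the more robust choice.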
Comment 1 Cor Blom 2018-03-09 23:30:19 UTC
This is fixed in 3.19, which was released yesterday and will soon be in Factory.