Bug 1113039 - (CVE-2018-18585) VUL-1: CVE-2018-18585: libmspack: chmd_read_headers() reject files with blank filenames
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P4 - Low
Severity: Minor
Target Milestone: ---
Assigned To: Security Team bot
https://smash.suse.de/issue/217868/
CVSSv3:NVD:CVE-2018-18585:4.3:(AV:N/A...
Depends on:
Blocks:
Reported: 2018-10-24 07:14 UTC by Alexander Bergmann
Modified: 2020-10-27 15:28 UTC (History)
2 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Description Alexander Bergmann 2018-10-24 07:14:57 UTC
CVE-2018-18585

FTR, three CVEs were assigned by MITRE, whereas one is explicitly
marked as DISPUTED, because upstream makes clear in the changelog
entry that the chmextract utility is more example code for how to use
the library than a "productised" binary. Still, a CVE was
assigned for downstreams using it as such.

Upstream changelog:
2018-10-17  Stuart Caie <kyzer@cabextract.org.uk>
* chmd_read_headers(): again reject files with blank filenames, this
time because their 1st or 2nd byte is null, not because their length
is zero.  Thanks again to Hanno Böck for finding the issue.

Upstream fix:
https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f

References:
https://www.openwall.com/lists/oss-security/2018/10/23/11
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18585
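To make the changelog entry concrete: the earlier hardening only rejected directory entries whose declared name length was below two, so an entry such as "/\0" (length 2, second byte NUL) or "\0a" (first byte NUL) still got through to the code that classifies names by their first one or two bytes. The following is an added example written for this page, not libmspack's own code. It walks a constructed CHM-style directory listing (ENCINT name length, name bytes, then ENCINT section, offset and length per entry, with ENCINT meaning big-endian 7-bits-per-byte with the high bit as a continuation flag) and compares the length-only check with the byte check described in the changelog. The function names, the listing bytes and the helper are all assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not libmspack code. Decode a CHM ENCINT: big-endian,
 * 7 data bits per byte, high bit set means another byte follows.
 * Returns the number of bytes consumed, or 0 if the buffer ran out. */
static size_t read_encint(const unsigned char *p, const unsigned char *end,
                          uint64_t *out)
{
    const unsigned char *start = p;
    uint64_t v = 0;
    do {
        if (p >= end) return 0;          /* truncated: caller must stop */
        v = (v << 7) | (*p & 0x7F);
    } while (*p++ & 0x80);
    *out = v;
    return (size_t)(p - start);
}

typedef int (*name_check_fn)(const unsigned char *name, size_t name_len);

/* Pre-fix behaviour: only the declared length is inspected. */
static int name_ok_length_only(const unsigned char *name, size_t name_len)
{
    (void)name;
    return name_len >= 2;
}

/* Post-fix behaviour per the 2018-10-17 changelog: a name is "blank" when
 * it is shorter than two bytes OR its first or second byte is NUL. */
static int name_ok_fixed(const unsigned char *name, size_t name_len)
{
    return name_len >= 2 && name[0] != '\0' && name[1] != '\0';
}

/* Walk a directory listing made of entries
 *   ENCINT name_len, name bytes, ENCINT section, ENCINT offset, ENCINT length
 * and count the entries the given name check accepts. Stops on truncation
 * or when a name would run past the end of the buffer. */
static int count_accepted(const unsigned char *buf, size_t len,
                          name_check_fn check)
{
    const unsigned char *p = buf, *end = buf + len;
    int accepted = 0;
    while (p < end) {
        uint64_t name_len, section, offset, length;
        const unsigned char *name;
        size_t n;
        if (!(n = read_encint(p, end, &name_len))) break;
        p += n;
        if (name_len > (uint64_t)(end - p)) break;   /* name overruns chunk */
        name = p;
        p += name_len;
        if (!(n = read_encint(p, end, &section))) break;
        p += n;
        if (!(n = read_encint(p, end, &offset))) break;
        p += n;
        if (!(n = read_encint(p, end, &length))) break;
        p += n;
        if (check(name, (size_t)name_len)) accepted++;
    }
    return accepted;
}

/* Constructed listing (not taken from any real CHM file): one normal
 * content file, the "/\0" and "\0a" cases, and one system file whose
 * offset uses a two-byte ENCINT (0x85 0x00 == 640). */
static const unsigned char listing[] = {
    0x0A, '/','i','n','d','e','x','.','h','t','m',            0x00, 0x00, 0x05,
    0x02, '/', 0x00,                                          0x00, 0x00, 0x00,
    0x02, 0x00, 'a',                                          0x00, 0x00, 0x00,
    0x14, ':',':','D','a','t','a','S','p','a','c','e','/',
          'N','a','m','e','L','i','s','t',                    0x00, 0x85, 0x00, 0x08,
};

static const unsigned char encint_640[] = { 0x85, 0x00 };

int main(void)
{
    printf("length-only check accepts %d of 4 entries\n",
           count_accepted(listing, sizeof listing, name_ok_length_only));
    printf("byte check (fixed) accepts %d of 4 entries\n",
           count_accepted(listing, sizeof listing, name_ok_fixed));
    return 0;
}
```

Run as-is, the length-only check accepts all four entries while the byte check accepts only the two with real names; the two rejected ones are exactly the shapes that a parser keying on name[0] == '/' or name[0] == ':' && name[1] == ':' would otherwise misclassify.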
Comment 2 Swamp Workflow Management 2018-10-26 14:00:11 UTC
This is an autogenerated message for OBS integration:
This bug (1113039) was mentioned in
https://build.opensuse.org/request/show/644862 15.0 / libmspack
https://build.opensuse.org/request/show/644863 42.3 / libmspack
Comment 4 Swamp Workflow Management 2018-10-29 09:40:10 UTC
This is an autogenerated message for OBS integration:
This bug (1113039) was mentioned in
https://build.opensuse.org/request/show/645188 15.0 / libmspack
https://build.opensuse.org/request/show/645191 42.3 / libmspack
Comment 5 Swamp Workflow Management 2018-10-29 12:42:26 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2018-11-12.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/64167
Comment 6 Swamp Workflow Management 2018-10-30 11:13:45 UTC
openSUSE-SU-2018:3562-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1113038,1113039,1113040
CVE References: CVE-2018-18584,CVE-2018-18585,CVE-2018-18586
Sources used:
openSUSE Leap 42.3 (src):    libmspack-0.5-8.3.1
Comment 7 Swamp Workflow Management 2019-03-26 17:17:47 UTC
SUSE-SU-2019:0748-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1113038,1113039
CVE References: CVE-2018-18584,CVE-2018-18585
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    libmspack-0.6-3.3.11
SUSE Linux Enterprise Module for Basesystem 15 (src):    libmspack-0.6-3.3.11

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2019-03-27 14:27:05 UTC
SUSE-SU-2019:13992-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1113038,1113039
CVE References: CVE-2018-18584,CVE-2018-18585
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    libmspack-0.0.20060920alpha-74.11.6.1
SUSE Linux Enterprise Server 11-SP4 (src):    libmspack-0.0.20060920alpha-74.11.6.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libmspack-0.0.20060920alpha-74.11.6.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2020-09-22 19:19:12 UTC
SUSE-SU-2020:2711-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1113038,1113039,1130489,1141680
CVE References: CVE-2018-18584,CVE-2018-18585,CVE-2019-1010305
JIRA References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    libmspack-0.4-15.7.1
SUSE Linux Enterprise Server 12-SP5 (src):    libmspack-0.4-15.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Alexandros Toptsoglou 2020-10-27 15:28:00 UTC
DONE