Bug 1176410 - (CVE-2020-25219) VUL-0: CVE-2020-25219: libproxy: url:recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware/OS: Other / Other
Priority/Severity: P2 - High / Major
Assigned To: Security Team bot
URL: https://smash.suse.de/issue/267057/
CVSSv3.1:SUSE:CVE-2020-25219:7.5:(AV:...
Reported: 2020-09-10 12:12 UTC by Marcus Meissner
Modified: 2022-06-10 12:28 UTC
CC: 9 users
Found By: Security Response Team
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Description Marcus Meissner 2020-09-10 12:12:25 UTC
CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP
server to trigger uncontrolled recursion via a response composed of an infinite
stream that lacks a newline character. This leads to stack exhaustion.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25219
https://github.com/libproxy/libproxy/issues/134
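The defect class described above is a line reader that recurses once per byte and never gives up while no newline arrives. The following C++ block is an added example, not libproxy's url.cpp: an iterative, length-bounded reader (the names recvline_bounded, StringSource and EndlessSource are hypothetical), exercised against a constructed normal response and a constructed endless no-newline stream.

```cpp
#include <cstddef>
#include <string>

// Added example, not libproxy's url.cpp: a line reader that is iterative
// (no recursion, so stack use does not grow with response length) and bounded
// by max_len, so a peer that never sends '\n' cannot make it read forever.
// Returns true when a full line was read ('\n' consumed, trailing '\r' stripped);
// false on EOF or when the line exceeds max_len (caller should drop the connection).
template <typename Source>
bool recvline_bounded(Source& src, std::string& line, std::size_t max_len) {
    line.clear();
    char c;
    while (src(c)) {                 // src(c): true + one byte, or false on EOF
        if (c == '\n') {
            if (!line.empty() && line.back() == '\r') line.pop_back();
            return true;
        }
        if (line.size() >= max_len) return false;   // over limit: reject, stop reading
        line.push_back(c);
    }
    return false;                    // EOF before a newline
}

// Constructed sample source (hypothetical helper): replays a fixed byte string.
struct StringSource {
    std::string data;
    std::size_t pos;
    bool operator()(char& c) { if (pos >= data.size()) return false; c = data[pos++]; return true; }
};

// Constructed sample source modelling the CVE's "infinite stream that lacks a
// newline": every read succeeds with 'A'. Counts the bytes handed out.
struct EndlessSource {
    std::size_t served = 0;
    bool operator()(char& c) { c = 'A'; ++served; return true; }
};

// Reads the status line of a constructed HTTP response.
std::string demo_status_line() {
    StringSource src{"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n", 0};
    std::string line;
    recvline_bounded(src, line, 8192);
    return line;                     // "HTTP/1.1 200 OK"
}

// Against the endless stream the reader gives up after max_len + 1 bytes
// instead of recursing until the stack is exhausted.
std::size_t demo_endless_bytes_read(std::size_t max_len) {
    EndlessSource src;
    std::string line;
    bool ok = recvline_bounded(src, line, max_len);
    return ok ? 0 : src.served;      // 0 would mean a line was (wrongly) accepted
}
```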
Comment 4 OBSbugzilla Bot 2020-10-05 15:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1176410) was mentioned in
https://build.opensuse.org/request/show/839601 Factory / libproxy
Comment 6 Swamp Workflow Management 2020-10-13 16:16:49 UTC
SUSE-SU-2020:2901-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1176410,1177143
CVE References: CVE-2020-25219,CVE-2020-26154
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Server for SAP 15 (src):    libproxy-0.4.15-4.3.1, libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Server 15-LTSS (src):    libproxy-0.4.15-4.3.1, libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    libproxy-0.4.15-4.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    libproxy-0.4.15-4.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    libproxy-0.4.15-4.3.1, libproxy-plugins-0.4.15-4.3.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    libproxy-0.4.15-4.3.1, libproxy-plugins-0.4.15-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2020-10-13 16:21:21 UTC
SUSE-SU-2020:2900-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1176410,1177143
CVE References: CVE-2020-25219,CVE-2020-26154
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE OpenStack Cloud Crowbar 8 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE OpenStack Cloud 9 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE OpenStack Cloud 8 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE OpenStack Cloud 7 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    libproxy-0.4.13-18.3.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP5 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
SUSE Enterprise Storage 5 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
HPE Helion Openstack 8 (src):    libproxy-0.4.13-18.3.1, libproxy-plugins-0.4.13-18.3.1
Comment 8 Swamp Workflow Management 2020-10-13 19:29:01 UTC
SUSE-SU-2020:2905-1: An update that solves 11 vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1055186,1065600,1065729,1094244,1112178,1113956,1154366,1167527,1168468,1169972,1171675,1171688,1171742,1173115,1174899,1175228,1175749,1175882,1176011,1176022,1176038,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14390,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-26088
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.61.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.61.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.61.1, kernel-obs-build-4.12.14-197.61.1, kernel-source-4.12.14-197.61.1, kernel-syms-4.12.14-197.61.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.61.1, kernel-source-4.12.14-197.61.1, kernel-zfcpdump-4.12.14-197.61.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.61.1
Comment 9 Swamp Workflow Management 2020-10-13 19:38:44 UTC
SUSE-SU-2020:2905-1: An update that solves 11 vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1055186,1065600,1065729,1094244,1112178,1113956,1154366,1167527,1168468,1169972,1171675,1171688,1171742,1173115,1174899,1175228,1175749,1175882,1176011,1176022,1176038,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14390,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-26088
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.61.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.61.1, kernel-livepatch-SLE15-SP1_Update_16-1-3.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.61.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.61.1, kernel-obs-build-4.12.14-197.61.1, kernel-source-4.12.14-197.61.1, kernel-syms-4.12.14-197.61.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.61.1, kernel-source-4.12.14-197.61.1, kernel-zfcpdump-4.12.14-197.61.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.61.1
Comment 10 Swamp Workflow Management 2020-10-13 19:56:54 UTC
SUSE-SU-2020:2907-1: An update that solves 11 vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1055186,1065600,1065729,1094244,1112178,1113956,1154366,1163524,1167527,1169972,1171688,1171742,1173115,1174354,1174899,1175228,1175528,1175749,1175882,1176011,1176022,1176038,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177291,1177293,1177294,1177295,1177296
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14390,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-26088
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.31.1, kernel-source-azure-4.12.14-16.31.1, kernel-syms-azure-4.12.14-16.31.1
Comment 11 Michael Gorse 2020-10-14 20:07:04 UTC
Updates released. Re-assigning to security team.
Comment 12 Swamp Workflow Management 2020-10-16 22:14:58 UTC
openSUSE-SU-2020:1676-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1176410,1177143
CVE References: CVE-2020-25219,CVE-2020-26154
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    libproxy-0.4.15-lp151.4.3.1, libproxy-plugins-0.4.15-lp151.4.3.1
Comment 13 Swamp Workflow Management 2020-10-17 10:16:50 UTC
openSUSE-SU-2020:1680-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1176410,1177143
CVE References: CVE-2020-25219,CVE-2020-26154
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    libproxy-0.4.15-lp152.5.3.1, libproxy-plugins-0.4.15-lp152.5.3.1
Comment 14 Swamp Workflow Management 2020-10-22 13:22:34 UTC
SUSE-SU-2020:2999-1: An update that solves 15 vulnerabilities and has 84 fixes is now available.

Category: security (important)
Bug References: 1055186,1058115,1065600,1065729,1094244,1112178,1113956,1136666,1152148,1154366,1163524,1165629,1166965,1167527,1168468,1169790,1169972,1170232,1171558,1171675,1171688,1171742,1172073,1172538,1172873,1173060,1173115,1174003,1174354,1174899,1175228,1175515,1175520,1175528,1175667,1175691,1175716,1175749,1175873,1175882,1176011,1176022,1176038,1176069,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176946,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296,1177340,1177511,802154
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14386,CVE-2020-14390,CVE-2020-1749,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-26088
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.19.1, kernel-rt_debug-4.12.14-10.19.1, kernel-source-rt-4.12.14-10.19.1, kernel-syms-rt-4.12.14-10.19.1
Comment 15 Swamp Workflow Management 2020-10-23 13:20:46 UTC
SUSE-SU-2020:3014-1: An update that solves 14 vulnerabilities and has 78 fixes is now available.

Category: security (important)
Bug References: 1055186,1058115,1065600,1065729,1094244,1112178,1113956,1136666,1140683,1152148,1154366,1163524,1165629,1166965,1167527,1169972,1170232,1171558,1171688,1171742,1172073,1172538,1172873,1173060,1173115,1174748,1174899,1175228,1175520,1175667,1175691,1175749,1175882,1176011,1176022,1176038,1176069,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176400,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176946,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296,1177340,1177511
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14386,CVE-2020-14390,CVE-2020-1749,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-26088
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.36.1, kernel-rt_debug-4.12.14-14.36.1, kernel-source-rt-4.12.14-14.36.1, kernel-syms-rt-4.12.14-14.36.1
Comment 16 Swamp Workflow Management 2020-11-11 14:20:59 UTC
SUSE-SU-2020:3281-1: An update that solves 11 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1055014,1061843,1065600,1065729,1066382,1077428,1112178,1114648,1131277,1134760,1140683,1152624,1157424,1163592,1168468,1171558,1171675,1172538,1172757,1173432,1174748,1175520,1175716,1176354,1176381,1176395,1176400,1176410,1176485,1176560,1176713,1176723,1176946,1177027,1177086,1177101,1177258,1177271,1177281,1177340,1177359,1177410,1177411,1177470,1177511,1177685,1177687,1177719,1177724,1177725,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330,936888
CVE References: CVE-2020-0430,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-25212,CVE-2020-25285,CVE-2020-25645,CVE-2020-25656,CVE-2020-27673,CVE-2020-27675
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.34.1, kernel-source-azure-4.12.14-16.34.1, kernel-syms-azure-4.12.14-16.34.1
Comment 17 Carlos López 2022-06-10 12:28:27 UTC
Done, closing.