Bug 1217032 - VUL-0: scamper: TCP packet parsing buffer overflow via large TCP fast open cookie
Summary: VUL-0: scamper: TCP packet parsing buffer overflow via large TCP fast open co...
Status: NEW
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
Version: Current
Hardware: Other Other
Priority: P3 - Medium
Severity: Normal
Target Milestone: Current
Assignee: Sebastian Wagner
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-11-10 15:40 UTC by Carlos López
Modified: 2023-11-10 17:25 UTC
CC List: 2 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Carlos López 2023-11-10 15:40:50 UTC
[scamper-announce] scamper-cvs-20230614d
Matthew Luckie mjl at luckie.org.nz
Mon Oct 9 10:37:01 PDT 2023
https://www.caida.org/catalog/software/scamper/code/scamper-cvs-20230614d.tar.gz

SHA256 (scamper-cvs-20230614d.tar.gz) = 54423b64a0b68aafa903d9260c2bff5c16f3cca44997e0e830d17296f6f03a59
SIZE (scamper-cvs-20230614d.tar.gz) = 2214467

scamper:
* fix buffer overflow when parsing TCP packets where the sender
  includes a TCP fast open cookie larger than 16 bytes.

References:
https://mailman.caida.org/pipermail/scamper-announce/2023-October/000037.html
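The changelog entry above describes the defect class only as a buffer overflow triggered by a TCP Fast Open cookie larger than 16 bytes. The following is an added example written for this report, not scamper's own code: a bounds-checked walk of a TCP options area that extracts the Fast Open cookie (RFC 7413, option kind 34) and rejects any option whose declared length runs past the options area or whose cookie falls outside the 0 or 4..16 byte range, before anything is copied into the fixed 16-byte buffer. The function names, the `tfo_result` enum and the three sample option areas are assumptions constructed for the example.

```c
/* Added example, not scamper's code: bounds-checked TCP option walk that
 * extracts a TCP Fast Open (TFO) cookie, RFC 7413 option kind 34.
 * The defect class fixed in scamper-cvs-20230614d is copying a cookie of
 * (option length - 2) bytes into a fixed 16-byte buffer without checking
 * that it fits; here every length is validated before any copy. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TCPOPT_EOL      0
#define TCPOPT_NOP      1
#define TCPOPT_TFO     34   /* RFC 7413 */
#define TFO_COOKIE_MIN  4   /* RFC 7413: a cookie is 4..16 bytes; 0 bytes = cookie request */
#define TFO_COOKIE_MAX 16

enum tfo_result { TFO_MALFORMED = -1, TFO_ABSENT = 0, TFO_OK = 1 };

/* Walk the options area [opts, opts+optlen). On TFO_OK the cookie is copied
 * into out (capacity TFO_COOKIE_MAX) and its length stored in *out_len
 * (0 for a cookie request). An option that does not fit the remaining bytes,
 * or a cookie outside the RFC 7413 bounds, yields TFO_MALFORMED with no copy. */
enum tfo_result tcp_parse_tfo(const uint8_t *opts, size_t optlen,
                              uint8_t out[TFO_COOKIE_MAX], size_t *out_len)
{
    size_t i = 0;
    *out_len = 0;
    while (i < optlen) {
        uint8_t kind = opts[i];
        if (kind == TCPOPT_EOL)
            break;
        if (kind == TCPOPT_NOP) { i++; continue; }
        /* Every other option carries a length byte covering kind+length+data. */
        if (i + 1 >= optlen)
            return TFO_MALFORMED;           /* kind byte with no length byte */
        uint8_t len = opts[i + 1];
        if (len < 2 || i + len > optlen)
            return TFO_MALFORMED;           /* declared length runs past the area */
        if (kind == TCPOPT_TFO) {
            size_t clen = len - 2;
            /* Reject before copying: more than 16 bytes would overflow a
             * fixed 16-byte buffer, and 1..3 bytes is not a valid cookie. */
            if (clen > TFO_COOKIE_MAX || (clen != 0 && clen < TFO_COOKIE_MIN))
                return TFO_MALFORMED;
            memcpy(out, opts + i + 2, clen);
            *out_len = clen;
            return TFO_OK;
        }
        i += len;                           /* skip an option we do not interpret */
    }
    return TFO_ABSENT;
}

/* Wrapper that discards the cookie bytes and reports only the parse result. */
int tfo_result_for(const uint8_t *opts, size_t optlen, size_t *cookie_len)
{
    uint8_t cookie[TFO_COOKIE_MAX];
    return tcp_parse_tfo(opts, optlen, cookie, cookie_len);
}

/* Constructed sample options areas (not captured traffic). */
static const uint8_t opts_good[] = {
    2, 4, 0x05, 0xb4,                        /* MSS 1460 */
    1,                                       /* NOP */
    34, 10, 1, 2, 3, 4, 5, 6, 7, 8 };        /* TFO, 8-byte cookie */
static const uint8_t opts_oversize[] = {
    34, 22, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
    11, 12, 13, 14, 15, 16, 17, 18, 19, 20 }; /* TFO, 20-byte cookie: too large */
static const uint8_t opts_truncated[] = {
    34, 10, 1, 2, 3 };                       /* claims 8 cookie bytes, only 3 present */

int main(void)
{
    size_t n = 0;
    printf("good:      %d (cookie %zu bytes)\n", tfo_result_for(opts_good, sizeof opts_good, &n), n);
    printf("oversize:  %d\n", tfo_result_for(opts_oversize, sizeof opts_oversize, &n));
    printf("truncated: %d\n", tfo_result_for(opts_truncated, sizeof opts_truncated, &n));
    return 0;
}
```

The two checks that matter are the `i + len > optlen` test, which keeps the walk inside the options area regardless of what any length byte claims, and the cookie-length test, which is applied before `memcpy` rather than after. RFC 7413 also allows the cookie to be carried in the experimental option (kind 254 with the TFO ExID); the example handles only kind 34.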
Comment 1 Sebastian Wagner 2023-11-10 15:49:26 UTC
The package is not in Leap, "only" in network:utilities and Factory/TW.
Comment 2 Carlos López 2023-11-10 15:51:44 UTC
(In reply to Sebastian Wagner from comment #1)
> The package is not in Leap, "only" in network:utilities and Factory/TW.

It's also in:
 - openSUSE:Backports:SLE-15-SP4
 - openSUSE:Backports:SLE-15-SP5
 - openSUSE:Backports:SLE-15-SP6

Which means it's in Leap.
Comment 3 Sebastian Wagner 2023-11-10 15:52:27 UTC
Okay, https://software.opensuse.org/package/scamper doesn't show that.
Comment 4 Carlos López 2023-11-10 15:56:34 UTC
(In reply to Sebastian Wagner from comment #3)
> Okay, https://software.opensuse.org/package/scamper doesn't show that.

They show up under "Unsupported distributions", not sure why though. In my Leap 15.4 system:

$ sudo zypper se --details scamper
Loading repository data...
Reading installed packages...

S | Name                 | Type    | Version              | Arch   | Repository
--+----------------------+---------+----------------------+--------+-------------------
  | libscamperfile-devel | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | libscamperfile-devel | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
  | libscamperfile0      | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | libscamperfile0      | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
  | scamper              | package | 20191102b-bp154.1.24 | x86_64 | openSUSE-Leap-15.4
  | scamper              | package | 20191102b-bp154.1.24 | x86_64 | Main Repository
Comment 5 OBSbugzilla Bot 2023-11-10 17:25:02 UTC
This is an autogenerated message for OBS integration:
This bug (1217032) was mentioned in
https://build.opensuse.org/request/show/1125095 Factory / scamper