Bug 965806 – VUL-0: CVE-2016-1522: graphite2: An exploitable out-of-bounds access vulnerability exists in thebidirectional font handling function...

Bug 965806 - (CVE-2016-1522) VUL-0: CVE-2016-1522: graphite2: An exploitable out-of-bounds access vulnerability exists in thebidirectional font handling function...

(CVE-2016-1522)
Summary:	VUL-0: CVE-2016-1522: graphite2: An exploitable out-of-bounds access vulnerab...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/161683/
Whiteboard:	CVSSv2:SUSE:CVE-2016-1526:6.8:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2016-02-09 09:22 UTC by Sebastian Krahmer
Modified:	2016-06-02 14:24 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sebastian Krahmer 2016-02-09 09:22:33 UTC

CVE-2016-1522



References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1522
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1522.html

Comment 1 Swamp Workflow Management 2016-02-09 23:00:47 UTC

bugbot adjusting priority

Comment 2 Petr Gajdos 2016-02-15 13:27:06 UTC

This is connected to first part of 'Denial of Service' in 
http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
?

At least 
https://github.com/silnrsi/graphite/commit/a94bbf1a651b13ecfaf9a774a841d36964c25929
seems, that yes. 

This and only this commit is relevant? There is another commit in the ubuntu bug, but I am not sure it is related to this bug.

More info welcome.

Thank you

Comment 3 Sebastian Krahmer 2016-02-15 13:39:50 UTC

To me, both commits seem to need to be applied.
What they name as "various fuzztest bugs" is IOW a crash
like all the other stuff that they are fixing.

Comment 5 Petr Gajdos 2016-03-07 09:01:30 UTC

1.3.1 in sle12 already contains the fix.

Comment 6 Bernhard Wiedemann 2016-03-07 11:00:16 UTC

This is an autogenerated message for OBS integration:
This bug (965806) was mentioned in
https://build.opensuse.org/request/show/367416 13.2 / graphite2

Comment 7 Petr Gajdos 2016-03-07 13:16:37 UTC

Packages submitted.

Comment 8 Swamp Workflow Management 2016-03-16 18:13:25 UTC

openSUSE-SU-2016:0791-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 965803,965806,965807,965810
CVE References: CVE-2016-1521,CVE-2016-1522,CVE-2016-1523,CVE-2016-1526
Sources used:
openSUSE 13.2 (src):    graphite2-1.2.4-2.4.1

Comment 9 Marcus Meissner 2016-03-18 14:18:13 UTC

released

Comment 10 Marcus Meissner 2016-06-02 14:24:05 UTC

For SLES 12 this bug was fixed with the update to graphite 1.3.1, where it was not seperately listed.