Bugzilla – Bug 973790
VUL-0: CVE-2016-2347: lhasa: decode_level3_header Heap Corruption Vulnerability
Last modified: 2017-10-25 19:58:57 UTC
CVE-2016-2347 An exploitable integer underflow exists during calculation size for all headers in decode_level3_header function of Lhasa (lha) application. Smaller value of header_len than LEVEL_3_HEADER_LEN ( 32 ) cause during subtraction integer underflow and lead later to memory corruption via heap based buffer overflow. More details at http://www.talosintel.com/reports/TALOS-2016-0095/ Discovered by Marcin ‘Icewall’ Noga of Cisco TALOS References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2347 http://www.debian.org/security/2016/dsa-3540 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2347.html
This is an autogenerated message for OBS integration: This bug (973790) was mentioned in https://build.opensuse.org/request/show/384192 13.2+42.1 / lhasa
Upstream patch: https://github.com/fragglet/lhasa/commit/6fcdb8f1f538b9d63e63a5fa199c5514a15d4564 ---- Submissions summary: +------------------+-----------+ | Codestream | Request # | +------------------+-----------+ | SLE12 | #107604 | | openSUSE 13.2 | #384192 | | openSUSE Leap | #384192 | | openSUSE Factory | #384195* | +------------------+-----------+ *update to 0.3.1 where the bug is already fixed. All done, I'm reassigning this bug to security-team.
This is an autogenerated message for OBS integration: This bug (973790) was mentioned in https://build.opensuse.org/request/show/384204 Factory / lhasa
This is an autogenerated message for OBS integration: This bug (973790) was mentioned in https://build.opensuse.org/request/show/384453 42.1 / lhasa https://build.opensuse.org/request/show/384456 13.2 / lhasa
openSUSE-SU-2016:1027-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 973790 CVE References: CVE-2016-2347 Sources used: openSUSE 13.2 (src): lhasa-0.3.1-4.4.1
openSUSE-SU-2016:1029-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 973790 CVE References: CVE-2016-2347 Sources used: openSUSE Leap 42.1 (src): lhasa-0.3.1-10.1
SUSE-SU-2016:1091-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 973790 CVE References: CVE-2016-2347 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): lhasa-0.2.0-5.1 SUSE Linux Enterprise Workstation Extension 12 (src): lhasa-0.2.0-5.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): lhasa-0.2.0-5.1 SUSE Linux Enterprise Software Development Kit 12 (src): lhasa-0.2.0-5.1 SUSE Linux Enterprise Desktop 12-SP1 (src): lhasa-0.2.0-5.1 SUSE Linux Enterprise Desktop 12 (src): lhasa-0.2.0-5.1
released