Bugzilla – Bug 1150114
VUL-1: CVE-2019-16167: sysstat: memory corruption due to an Integer Overflow in remap_struct() in sa_common.c
Last modified: 2019-11-13 07:37:29 UTC
CVE-2019-16167 sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. Upstream commit: https://github.com/sysstat/sysstat/commit/edbf507678bf10914e9804ff8a06737fdcb2e781 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16167 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16167 https://github.com/sysstat/sysstat/issues/230 https://github.com/sysstat/sysstat/compare/v12.1.5...v12.1.6
Just for reference, see also: https://github.com/sysstat/sysstat/issues/232 https://github.com/sysstat/sysstat/commit/83fad9c895d1ac13f76af5883b7451b3302beef5
Created attachment 817553 [details] Backported patch for SLE-15 We are using the stable version in all our codestreams where the remap_struct function returns void instead of int as returned from the development version. This is the backported patch for the stable version. Tested in polio: # sadf memcorrupt_sadf.in Segmentation fault (core dumped) # sadf memcorrupt_sadf2.in Segmentation fault (core dumped) # sadf memcorrupt_sadf.in Invalid system activity file: memcorrupt_sadf.in # sadf memcorrupt_sadf2.in Invalid system activity file: memcorrupt_sadf2.in
Created attachment 819340 [details] First reproducer
Created attachment 819341 [details] Second reproducer
SUSE-SU-2019:2749-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1150114 CVE References: CVE-2019-16167 Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP1 (src): sysstat-12.0.2-3.15.1 SUSE Linux Enterprise Module for Server Applications 15 (src): sysstat-12.0.2-3.15.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): sysstat-12.0.2-3.15.1 SUSE Linux Enterprise Module for Basesystem 15 (src): sysstat-12.0.2-3.15.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:2752-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1150114 CVE References: CVE-2019-16167 Sources used: SUSE Linux Enterprise Server 12-SP4 (src): sysstat-12.0.2-10.27.1 SUSE Linux Enterprise Desktop 12-SP4 (src): sysstat-12.0.2-10.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
released
openSUSE-SU-2019:2395-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1150114 CVE References: CVE-2019-16167 Sources used: openSUSE Leap 15.1 (src): sysstat-12.0.2-lp151.3.9.1
openSUSE-SU-2019:2397-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1150114 CVE References: CVE-2019-16167 Sources used: openSUSE Leap 15.0 (src): sysstat-12.0.2-lp150.16.1
SUSE-SU-2019:2752-2: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1150114 CVE References: CVE-2019-16167 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): sysstat-12.0.2-10.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.