Bug 1122859 - (CVE-2019-3462) VUL-1: CVE-2019-3462: apt: Code injection through HTTP redirect
Status: RESOLVED WONTFIX
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P5 - None
Severity: Normal
Target Milestone: ---
Assigned To: Security Team bot
https://smash.suse.de/issue/223529/
Depends on:
Blocks:
Reported: 2019-01-23 10:01 UTC by Alexandros Toptsoglou
Modified: 2019-04-05 14:40 UTC (History)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Description Alexandros Toptsoglou 2019-01-23 10:01:38 UTC
The code handling HTTP redirects in the HTTP transport method doesn't properly
sanitize fields transmitted over the wire. This vulnerability could be used by
an attacker located as a man-in-the-middle between APT and a mirror to inject
malicious content in the HTTP connection. This content could then be recognized
as a valid package by APT and used later for code execution with root
privileges on the target machine.


References:
https://justi.cz/security/2019/01/22/apt-rce.html
https://www.debian.org/security/2019/dsa-4371
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3462.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3462
https://usn.ubuntu.com/3863-2/
https://usn.ubuntu.com/3863-1/
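The injection pattern the description refers to, shown as an added example that is not code from apt or from this report: a fetcher that copies an HTTP Location header verbatim into a line-oriented, RFC822-style status message (modelled on, but not identical to, the message format apt's acquire methods exchange with the main process) lets an on-path party who controls the redirect append fields of their own, which the receiving parser then treats as trusted metadata. The hardened path rejects any Location value containing CR, LF or NUL before it is embedded. The message format, field names, sample URLs and the constructed redirect values are assumptions made for this example.

```python
import re
from typing import Dict, Optional

# Characters that must never occur inside a single field value of a
# line-oriented, RFC822-style message: carriage return, line feed, NUL.
_CONTROL_CHARS = re.compile(r"[\r\n\x00]")


def redirect_location_is_safe(location: str) -> bool:
    """True only if the Location value can be embedded as exactly one field."""
    return _CONTROL_CHARS.search(location) is None


def build_redirect_message(new_uri: str) -> str:
    """Weak pattern (assumed message format): the value goes in verbatim.

    A newline inside new_uri terminates the New-URI field early and turns
    whatever follows into additional fields of the same message.
    """
    return f"103 Redirect\nNew-URI: {new_uri}\n\n"


def parse_message(raw: str) -> Dict[str, str]:
    """Parse 'CODE Text\\nKey: Value\\n...\\n\\n' into a dict.

    The status line is stored under "_status"; each 'Key: Value' line becomes
    one entry. This mirrors how a trusting line-oriented parser sees the data.
    """
    lines = raw.rstrip("\n").split("\n")
    fields = {"_status": lines[0]}
    for line in lines[1:]:
        if ": " in line:
            key, value = line.split(": ", 1)
            fields[key] = value
    return fields


def handle_redirect(location: str) -> Optional[Dict[str, str]]:
    """Hardened path: validate first, then build and parse the message.

    Returns the parsed fields for a clean redirect, or None when the
    Location value carries control characters and must be discarded.
    """
    if not redirect_location_is_safe(location):
        return None
    return parse_message(build_redirect_message(location))


if __name__ == "__main__":
    # Constructed sample values (not taken from the report).
    clean = "http://mirror.example/pool/main/a/acme/acme_1.0_amd64.deb"
    injected = "http://mirror.example/a.deb\nInjected-Field: attacker-chosen"

    # Weak pattern: the injected line is parsed as a genuine field.
    weak = parse_message(build_redirect_message(injected))
    print("weak parser saw fields:", sorted(weak))

    # Hardened pattern: the same value is rejected before embedding.
    print("hardened result for clean value:", handle_redirect(clean))
    print("hardened result for injected value:", handle_redirect(injected))
```

The check belongs at the point where an untrusted network value is first copied into an internal message, not at the consumer: once the extra line exists in the message, a downstream parser has no way to tell it apart from a field the method itself wrote.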
Comment 1 Alexandros Toptsoglou 2019-01-23 10:04:56 UTC
This bug affects only apt version 0.5.15lorg3.2-123.31, which can only be found in sle-sdk-11-SP4.
Comment 2 Alexandros Toptsoglou 2019-01-23 10:06:03 UTC
SUSE will not provide a fix for this issue since the risk to our customers posed by this is negligible.