Bug 1191489 - (CVE-2021-3800) VUL-1: CVE-2021-3800: glib2: glib2: Possible privilege escalation thourgh pkexec and aliases
(CVE-2021-3800)
VUL-1: CVE-2021-3800: glib2: glib2: Possible privilege escalation thourgh pke...
Status: IN_PROGRESS
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/311784/
CVSSv3.1:SUSE:CVE-2021-3800:4.7:(AV:L...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-10-08 14:19 UTC by Gabriele Sonnu
Modified: 2022-03-14 20:18 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gabriele Sonnu 2021-10-08 14:19:16 UTC
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Upstream patch:

https://gitlab.gnome.org/GNOME/glib/commit/3529bb4450a51995

References:

https://www.openwall.com/lists/oss-security/2017/06/23/8

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1938284
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3800
Comment 1 Gabriele Sonnu 2021-10-08 14:20:11 UTC
Affected packages:

 - SUSE:SLE-11-SP1:Update/glib2  2.22.5
 - SUSE:SLE-12-SP2:Update/glib2  2.48.2
 - SUSE:SLE-15:Update/glib2      2.54.3

Upstream patch:

https://gitlab.gnome.org/GNOME/glib/commit/3529bb4450a51995
Comment 5 QK ZHU 2022-03-04 04:21:36 UTC
(In reply to Gabriele Sonnu from comment #1)
> Affected packages:
> 
>  - SUSE:SLE-15:Update/glib2      2.54.3

SUSE:SLE-15:Update was EOL, but

- SUSE:SLE-15-SP2:Update      2.62.6

Which codestream should we submit?
Comment 7 Gianluca Gabrielli 2022-03-04 08:41:45 UTC
submissions to SLE-11-SP1 and SLE-12-SP2 are enough, please reassign this issue back to security-team@suse.de.
Comment 8 Gabriele Sonnu 2022-03-04 08:43:25 UTC
(In reply to QK ZHU from comment #5)
> 
> - SUSE:SLE-15-SP2:Update      2.62.6
> 
> Which codestream should we submit?

I checked again and SUSE:SLE-15-SP2:Update/glib2 seems to already contain the fix. So no need to submit.
As Gianluca said submissions to SLE-11-SP1 and SLE-12-SP2 are enough.
Comment 10 Swamp Workflow Management 2022-03-14 20:18:23 UTC
SUSE-SU-2022:0828-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1191489
CVE References: CVE-2021-3800
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    glib2-2.48.2-12.25.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    glib2-2.48.2-12.25.1
SUSE Linux Enterprise Server 12-SP5 (src):    glib2-2.48.2-12.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.