First Last Prev Next    This bug is not in your last search results.
Bug 1205224 - (CVE-2022-39377) VUL-0: CVE-2022-39377: sysstat: arithmetic overflow in allocate_structures() on 32 bit systems
(CVE-2022-39377)
VUL-0: CVE-2022-39377: sysstat: arithmetic overflow in allocate_structures() ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
32bit Other
: P5 - None : Minor
: ---
Assigned To: David Anes
Security Team bot
https://smash.suse.de/issue/347444/
CVSSv3.1:SUSE:CVE-2022-39377:4.2:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-11-09 09:30 UTC by Carlos López
Modified: 2023-01-30 10:54 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos López 2022-11-09 09:30:54 UTC 
rh#2141207

Sysstat On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.

https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7x

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2141207
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39377
https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7x
https://www.cve.org/CVERecord?id=CVE-2022-39377
Comment 1 Carlos López 2022-11-09 09:34:35 UTC 
This only affects 32 bit systems, which we do not support. Closing.
Comment 2 Andreas Stieger 2023-01-30 10:54:45 UTC 
You support openSUSE Tumbleweed 32 bit.
Fixed in TW with https://build.opensuse.org/request/show/1035320
First Last Prev Next    This bug is not in your last search results.