15352 – e2fsprogs new security issue CVE-2015-1572

Bug 15352 - e2fsprogs new security issue CVE-2015-1572

Summary: e2fsprogs new security issue CVE-2015-1572

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	4
Hardware:	i586 Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/634436/
Whiteboard:	has_procedure advisory MGA4-32-OK MG...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2015-02-24 18:57 CET by David Walser
Modified:	2015-02-26 09:27 CET (History)
CC List:	2 users (show)

See Also:
Source RPM:	e2fsprogs-1.42.9-2.1.mga4.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-02-24 18:57:35 CET

Debian has issued an advisory on February 22:
https://www.debian.org/security/2015/dsa-3166

Upstream patch checked into Mageia 4 and Cauldron SVN.

Freeze push requested for Cauldron.

Reproducible: 

Steps to Reproduce:

Comment 1 David Walser 2015-02-24 21:52:53 CET

Note that this issue is due to an incomplete fix for CVE-2015-0247, which we fixed in Bug 15208.

Testing procedure:
https://bugs.mageia.org/show_bug.cgi?id=15208#c2

Comment 2 David Walser 2015-02-25 02:26:59 CET

Patched package uploaded for Mageia 4.

See the test procedure linked from Comment 1.

Advisory:
========================

Updated e2fsprogs packages fix security vulnerability:

The libext2fs library, part of e2fsprogs and utilized by its utilities, is
affected by a boundary check error on block group descriptor information,
leading to a heap based buffer overflow. A specially crafted filesystem image
can be used to trigger the vulnerability. This is due to an incomplete fix
for CVE-2015-0247 (CVE-2015-1572).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572
http://advisories.mageia.org/MGASA-2015-0061.html
https://www.debian.org/security/2015/dsa-3166
========================

Updated packages in core/updates_testing:
========================
e2fsprogs-1.42.9-2.2.mga4
libext2fs2-1.42.9-2.2.mga4
libext2fs-devel-1.42.9-2.2.mga4

from e2fsprogs-1.42.9-2.2.mga4.src.rpm

Assignee: bugsquad => qa-bugs
Whiteboard: (none) => has_procedure

Comment 3 David Walser 2015-02-25 03:37:00 CET

Testing complete Mageia 4 i586 using the previous procedure.

Whiteboard: has_procedure => has_procedure MGA4-32-OK

Comment 4 olivier charles 2015-02-25 07:17:30 CET

Testing on Mageia4x64 real hardware using procedure mentioned in comment 1

with updated testing packages :
-----------------------------
e2fsprogs-1.42.9-2.2.mga4.x86_64
lib64ext2fs-devel-1.42.9-2.2.mga4.x86_64  
lib64ext2fs2-1.42.9-2.2.mga4.x86_64

OK on Mageia 4x64

(just had to replace last line of procedure :
$ /usr/sbin/e2freefrag /tmp/foo.img
by 
$ /usr/sbin/e2freefrag foo.img)

CC: (none) => olchal
Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK MGA4-64-OK

Comment 5 claire robinson 2015-02-25 21:50:04 CET

Validating. Advisory uploaded.

Please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure MGA4-32-OK MGA4-64-OK => has_procedure advisory MGA4-32-OK MGA4-64-OK
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2015-02-26 09:27:35 CET

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0088.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.