16699 – screen new security issue CVE-2015-6806

Bug 16699 - screen new security issue CVE-2015-6806

Summary: screen new security issue CVE-2015-6806

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	i586 Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/656652/
Whiteboard:	MGA4TOO has_procedure advisory MGA4-3...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2015-09-04 16:20 CEST by David Walser
Modified:	2015-09-08 19:57 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	screen-4.2.1-3.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-09-04 16:20:56 CEST

Debian has issued an advisory today (September 4):
https://lists.debian.org/debian-security-announce/2015/msg00251.html

The DSA will be posted here:
https://www.debian.org/security/2015/dsa-3352

Patched packages uploaded for Mageia 4, Mageia 5, and Cauldron.

Advisory:
========================

Updated screen package fixes security vulnerability:

A vulnerability was found in screen causing a stack overflow which results in
crashing the screen server process, resulting in denial of service
(CVE-2015-6806).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6806
https://www.debian.org/security/2015/dsa-3352
========================

Updated packages in core/updates_testing:
========================
screen-4.0.3-13.1.mga4
screen-4.2.1-3.1.mga5

from SRPMS:
screen-4.0.3-13.1.mga4.src.rpm
screen-4.2.1-3.1.mga5.src.rpm

Reproducible: 

Steps to Reproduce:

David Walser 2015-09-04 16:21:05 CEST

Version: Cauldron => 5
Whiteboard: (none) => MGA4TOO

David Walser 2015-09-04 16:22:47 CEST

URL: (none) => http://lwn.net/Vulnerabilities/656652/

Comment 1 David Walser 2015-09-04 16:23:35 CEST

FYI this came from this oss-security thread:
http://openwall.com/lists/oss-security/2015/09/01/1

Comment 2 Yann Cantin 2015-09-04 19:45:53 CEST

Tested with running this command inside screen :
$ printf '\x1b[10000000T'

mga5 x86_64

screen-4.2.1-3.mga5.x86_64   : crash
screen-4.2.1-3.1.mga5.x86_64 : clear screen

mga4 x86_64 (VM)

screen-4.0.3-13.mga4.x86_64   : crash
screen-4.0.3-13.1.mga4.x86_64 : clear screen

Update OK.

CC: (none) => yann.cantin
Whiteboard: MGA4TOO => MGA4TOO MGA5-64-OK MGA4-64-OK

Comment 3 David Walser 2015-09-07 02:43:41 CEST

Tested Mageia 4 i586 and Mageia 5 i586.  Before the update the printf makes it hang, after the update it clears the screen.

Whiteboard: MGA4TOO MGA5-64-OK MGA4-64-OK => MGA4TOO has_procedure MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK

Comment 4 Rémi Verschelde 2015-09-07 07:29:53 CEST

Validating.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 5 claire robinson 2015-09-08 15:19:22 CEST

Advisory uploaded.

Whiteboard: MGA4TOO has_procedure MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK => MGA4TOO has_procedure advisory MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK

Comment 6 Mageia Robot 2015-09-08 19:57:44 CEST

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0354.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.