Bug 26336 - sleuthkit new security issue CVE-2020-10232
Summary: sleuthkit new security issue CVE-2020-10232
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 7
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2020-03-12 22:14 CET by David Walser
Modified: 2020-03-18 16:28 CET

See Also:
Source RPM: sleuthkit-4.6.6-1.mga7.src.rpm
CVE:
Status comment:


Description David Walser 2020-03-12 22:14:41 CET
Debian-LTS has issued an advisory on March 11:
https://www.debian.org/lts/security/2020/dla-2137

Mageia 7 is also affected.
David Walser 2020-03-12 22:15:28 CET

Whiteboard: (none) => MGA7TOO
Status comment: (none) => Patch available from Debian and upstream

Comment 1 David GEIGER 2020-03-14 16:35:26 CET
done for both Cauldron and mga7!
Comment 2 David Walser 2020-03-14 16:39:48 CET
Advisory:
========================

Updated sleuthkit packages fix security vulnerability:

In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer
overflow vulnerability in the YAFFS file timestamp parsing logic in
yaffsfs_istat() in fs/yaffs.c (CVE-2020-10232).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10232
https://www.debian.org/lts/security/2020/dla-2137
========================

Updated packages in core/updates_testing:
========================
sleuthkit-4.6.6-1.1.mga7
libtsk13-4.6.6-1.1.mga7
libtsk-devel-4.6.6-1.1.mga7

from sleuthkit-4.6.6-1.1.mga7.src.rpm

CC: (none) => geiger.david68210
Whiteboard: MGA7TOO => (none)
Assignee: geiger.david68210 => qa-bugs
Version: Cauldron => 7
Status comment: Patch available from Debian and upstream => (none)
Source RPM: sleuthkit-4.8.0-2.mga8.src.rpm => sleuthkit-4.6.6-1.mga7.src.rpm

Comment 3 Herman Viaene 2020-03-15 11:31:44 CET
MGA7-64 Plasma on Lenovo B50
No installation issues.
Googling and reading man pages brought me to:
insert USB mem stick, find device id in dolphin, and then
# fsstat /dev/sdb1 | more
FILE SYSTEM INFORMATION
--------------------------------------------
File System Type: FAT32

OEM Name: MSWIN4.1
Volume ID: 0x2313eff9
Volume Label (Boot Sector): KINGSTON   
Volume Label (Root Directory):
File System Type Label: FAT32   
Next Free Sector (FS Info): 292480
Free Sector Count (FS Info): 7531648

Sectors before file system: 8064

File System Layout (in sectors)
Total Range: 0 - 7823487
* Reserved: 0 - 47
** Boot Sector: 0
** FS Info Sector: 1
** Backup Boot Sector: 8
* FAT 0: 48 - 1959
* FAT 1: 1960 - 3871
* Data Area: 3872 - 7823487
** Cluster Area: 3872 - 7823487
*** Root Directory: 3872 - 3903

METADATA INFORMATION
--------------------------------------------
Range: 2 - 125113862
Root Directory: 2

CONTENT INFORMATION
--------------------------------------------
Sector Size: 512
Cluster Size: 16384
Total Cluster Range: 2 - 244364

FAT CONTENTS (in sectors)
--------------------------------------------
3872-3903 (32) -> EOF
3904-3935 (32) -> EOF
3936-4095 (160) -> EOF
and a long list .....
Looks OK, and then thought of checking older updates and found bug 23501 where Len did the same, so I feel comforted I made a good choice for testing.
OK for me.

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Comment 4 Len Lawrence 2020-03-15 15:18:12 CET
You beat me to it Herman.  Found no obvious PoC for the overflow issue.

CC: (none) => tarazed25

Comment 5 Thomas Andrews 2020-03-17 14:58:37 CET
Then we have a consensus. Validating. Advisory in Comment 2.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Thomas Backlund 2020-03-18 15:56:17 CET

CC: (none) => tmb
Keywords: (none) => advisory

Comment 6 Mageia Robot 2020-03-18 16:28:50 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0143.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

