31246 – matio new security issues CVE-2020-36428 and CVE-2021-36977

Bug 31246 - matio new security issues CVE-2020-36428 and CVE-2021-36977

Summary: matio new security issues CVE-2020-36428 and CVE-2021-36977

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	8
Hardware:	All Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:
Whiteboard:	MGA8-64-OK
Keywords:	advisory, validated_update

Depends on:
Blocks:

Reported:	2022-12-08 15:26 CET by David Walser
Modified:	2022-12-13 23:11 CET (History)
CC List:	6 users (show)

See Also:
Source RPM:	matio-1.5.21-1.mga8.src.rpm
CVE:	CVE-2020-36428, CVE-2021-36977
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2022-12-08 15:26:08 CET

openSUSE has issued an advisory today (December 8):
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DWEPRACQNMJHSGWUZQ5LKNVGWSZ6FMCB/

The issues are fixed upstream in 1.5.22.

David Walser 2022-12-08 15:26:23 CET

Status comment: (none) => Fixed upstream in 1.5.22

Comment 1 Nicolas Salguero 2022-12-09 10:22:21 CET

Suggested advisory:
========================

The updated packages fix security vulnerabilities:

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). (CVE-2020-36428)

matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry), related to use of HDF5 1.12.0. (CVE-2021-36977)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36977
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DWEPRACQNMJHSGWUZQ5LKNVGWSZ6FMCB/
========================

Updated packages in core/updates_testing:
========================
lib(64)matio11-1.5.23-1.mga8
lib(64)matio-devel-1.5.23-1.mga8
matio-1.5.23-1.mga8

from SRPM:
matio-1.5.23-1.mga8.src.rpm

Status: NEW => ASSIGNED
CVE: (none) => CVE-2020-36428, CVE-2021-36977
Status comment: Fixed upstream in 1.5.22 => (none)
CC: (none) => nicolas.salguero
Assignee: geiger.david68210 => qa-bugs

Comment 2 Herman Viaene 2022-12-10 10:56:37 CET

MGA8-64 MATE on Acer Aspire 5253
No installation issues.
According to our MCC: "matio is an ISO C library (with a limited Fortran 90 interface) for reading and writing Matlab MAT files."
So this is developers stuff, OK on clean install.
I see on bug 29164 that Len did some exercise in that area, so if anyone judges it's necessary to do a similar test on this update, plse feel free to withdraw the OK.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Comment 3 Thomas Andrews 2022-12-10 14:07:29 CET

Validating. Advisory in comment 1.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 4 Len Lawrence 2022-12-10 15:38:23 CET

In reply to comment 2:
No, you all right on this one Herman.  As stated, the test in the previous bug was a very primitive one, so no worries.

CC: (none) => tarazed25

Dave Hodgins 2022-12-13 02:09:57 CET

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 5 Mageia Robot 2022-12-13 23:11:12 CET

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0465.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.