Bug 1191149 (CVE-2015-2058)

Summary: CVE-2015-2058 jabberd: buffer overflow when normalizing strings
Product: [Other] Security Response
Reporter: Vasyl Kaigorodov <vkaigoro>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: low
Priority: low
Version: unspecified
CC: adrian, cperry, dmaphy, jrusnack, mcepl, mkollar, sherr, taw, tjay
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2015-04-30 09:00:54 UTC
Bug Depends On: 1191150, 1191151
Bug Blocks: 1191152

Description Vasyl Kaigorodov 2015-02-10 14:44:48 UTC
A buffer overflow was found in the XMPP server jabberd2 when normalizing
strings that can lead to remote information disclosure [1]. When parsing a
JID, jabberd2 version 2.3.2 and below truncate the data but do not verify
whether the result is valid UTF8 before passing it to libidn. If the data ends
with an unterminated multi-byte UTF8 sequence then libidn may copy data past
the buffer into the result. This can be exploited by remote clients or remote
servers.

CVE was requested on oss-security:
http://seclists.org/oss-sec/2015/q1/487

[1]: https://github.com/jabberd2/jabberd2/issues/85
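
The check the description says was missing, as an added C example (not jabberd2's code or its actual fix): cut only at a UTF-8 sequence boundary and reject anything that is not complete, well-formed UTF-8 before handing it to a normalizer such as libidn. Function names and the `cap` buffer-size parameter are assumptions; the validator goes beyond the unterminated-sequence case and also rejects overlong forms and surrogates.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Length announced by a lead byte; 0 for a continuation byte, C0/C1 or F5..FF. */
static size_t utf8_seq_len(unsigned char b)
{
    if (b < 0x80) return 1;
    if (b >= 0xC2 && b <= 0xDF) return 2;
    if (b >= 0xE0 && b <= 0xEF) return 3;
    if (b >= 0xF0 && b <= 0xF4) return 4;
    return 0;
}

/* 1 if s[0..len) is complete UTF-8 with no overlong forms, surrogates or values > U+10FFFF. */
int utf8_valid(const unsigned char *s, size_t len)
{
    static const uint32_t min_cp[5] = { 0, 0, 0x80, 0x800, 0x10000 };
    for (size_t i = 0, n; i < len; i += n) {
        n = utf8_seq_len(s[i]);
        if (n == 0 || n > len - i) return 0;  /* bad lead, or sequence runs past the end */
        uint32_t cp = (n == 1) ? s[i] : (uint32_t)(s[i] & (0xFF >> (n + 1)));
        for (size_t k = 1; k < n; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if (cp < min_cp[n] || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
    }
    return 1;
}

/* Largest cut <= max that is not inside a sequence: s[cut] is the first dropped byte,
   so while it is a continuation byte, back up (at most 3 steps) to its lead byte. */
size_t utf8_truncate_len(const unsigned char *s, size_t len, size_t max)
{
    if (len <= max) return len;
    size_t cut = max;
    while (cut > 0 && max - cut < 3 && (s[cut] & 0xC0) == 0x80) cut--;
    return cut;
}

/* Hypothetical wrapper: bounded, NUL-terminated copy; -1 unless the result is valid UTF-8. */
int prep_for_normalize(const unsigned char *in, size_t len, unsigned char *out, size_t cap)
{
    if (cap == 0) return -1;
    size_t n = utf8_truncate_len(in, len, cap - 1);
    if (!utf8_valid(in, n)) return -1;
    memcpy(out, in, n);
    out[n] = '\0';
    return (int)n;
}
```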

Comment 1 Vasyl Kaigorodov 2015-02-10 14:45:54 UTC
Created jabberd tracking bugs for this issue:

Affects: fedora-all [bug 1191150]
Affects: epel-all [bug 1191151]