Bug 1199925 (CVE-2015-1783)

Summary: CVE-2015-1783 lasso: use of uninitialized value leading to a crash
Product: [Other] Security Response
Reporter: Martin Prpič <mprpic>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: medium
Priority: medium
Version: unspecified
CC: rcritten, scorneli, security-response-team, ssorce
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard: impact=moderate,public=20150309,reported=20150304,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L,cwe=CWE-456,rhel-6/lasso=wontfix,rhel-7/lasso=notaffected,fedora-all/lasso=affected
Doc Type: Bug Fix
Last Closed: 2017-06-27 08:13:19 UTC
Bug Depends On: 1200085    
Bug Blocks: 1199930    
Attachments:
proposed patch for lasso (flags: none)

Description Martin Prpič 2015-03-09 09:50:03 UTC
An uninitialized data structure flaw was found in lasso, a library that implements SSO standards. A remote attacker could potentially use this flaw to crash an application using the lasso library.

The lasso library is used by ipsilon and mod_auth_mellon.

Acknowledgements:

This issue was discovered by Rob Crittenden of Red Hat.

Comment 1 Martin Prpič 2015-03-09 16:32:33 UTC
Created attachment 999630: proposed patch for lasso

Comment 2 Martin Prpič 2015-03-09 16:36:42 UTC
Created lasso tracking bugs for this issue:

Affects: fedora-all [bug 1200085]

Comment 4 Rob Crittenden 2015-03-10 16:21:21 UTC
Not sure how I didn't notice this before but this is already fixed upstream in master, https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd

Comment 5 Fedora Update System 2015-04-06 08:33:16 UTC
lasso-2.4.1-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 6 Fedora Update System 2015-04-06 08:36:23 UTC
lasso-2.4.1-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2015-04-21 19:07:12 UTC
lasso-2.4.1-3.fc22 has been pushed to the Fedora 22 stable repository.  If problems still persist, please make note of it in this bug report.