Bug 1277915 (CVE-2015-8075)

Summary: CVE-2015-8075 libsndfile: Out of bounds memory access in psf_strlcpy_crlf
Product: [Other] Security Response Reporter: Adam Mariš <amaris>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: andreas, mhlavink
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
[REJECTED CVE] An out-of-bounds memory read in function psf_strlcpy_crlf when running test suite of libsndfile with address sanitizer enabled was found.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-06 11:34:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1277916, 1277917    
Bug Blocks: 1277910    

Description Adam Mariš 2015-11-04 10:38:13 UTC 
An out-of-bounds memory read in function psf_strlcpy_crlf when running test suite of libsndfile with address sanitizer enabled was found.

Upstream bug:

http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/681

CVE assignment:

http://seclists.org/oss-sec/2015/q4/217
Comment 1 Adam Mariš 2015-11-04 10:38:40 UTC 
Created libsndfile tracking bugs for this issue:

Affects: fedora-all [bug 1277916]
Affects: epel-5 [bug 1277917]
Comment 2 Stefan Cornelius 2015-11-06 11:34:29 UTC 
I think this is a problem in the test, not the function. Others came to the same conclusion:
http://seclists.org/oss-sec/2015/q4/226

This does not mean that the psf_strlcpy_crlf function is secure (because I didn't audit it), but this particular case of an error that was reported does not indicate that there's a problem in the function itself.
Comment 3 Adam Mariš 2015-11-06 14:06:54 UTC 
CVE was rejected.
Comment 4 Fedora Update System 2015-12-20 06:52:16 UTC 
libsndfile-1.0.25-18.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 5 Fedora Update System 2016-01-22 03:19:18 UTC 
libsndfile-1.0.25-18.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Comment 6 Fedora Update System 2016-02-17 01:22:42 UTC 
libsndfile-1.0.17-8.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.