|Summary:||CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions|
|Product:||[Other] Security Response||Reporter:||Huzaifa S. Sidhpurwala <huzaifas>|
|Component:||vulnerability||Assignee:||Red Hat Product Security <security-response-team>|
|Status:||CLOSED ERRATA||QA Contact:|
|Version:||unspecified||CC:||bmcclain, cdewolf, csutherl, dblechte, dougsland, eedri, erik-fedora, gzaronik, jawilson, jclere, jkeilson, ktietz, lgao, lsurette, marcandre.lureau, mbabacek, mgoldboi, michal.skrivanek, mjc, mturk, myarboro, pstehlik, redhat-bugzilla, rjones, sardella, security-response-team, slawomir, slong, slukasik, srevivo, tmraz, twalsh, weli, ycui, ykaul, ykawada, yozone|
|Fixed In Version:||openssl 1.0.1s, openssl 1.0.2g||Doc Type:||Bug Fix|
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application.
|Last Closed:||2019-06-08 02:48:53 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:||1312856, 1312857, 1312858, 1321841, 1321842, 1331569, 1331865, 1331866, 1366994|
|Bug Blocks:||1314768, 1395463|
Description Huzaifa S. Sidhpurwala 2016-02-26 06:44:51 UTC
Comment 1 Martin Prpič 2016-02-29 12:00:02 UTC
Public via: Upstream patch: http://git.openssl.org/?p=openssl.git;a=commitdiff;h=9cb177301fdab492e4cfef376b28339afe3ef663 Detailed write-up: https://guidovranken.wordpress.com/2016/02/27/openssl-cve-2016-0799-heap-corruption-via-bio_printf/
Comment 2 Martin Prpič 2016-02-29 12:02:22 UTC
Created openssl101e tracking bugs for this issue: Affects: epel-5 [bug 1312858]
Comment 3 Martin Prpič 2016-02-29 12:02:28 UTC
Created openssl tracking bugs for this issue: Affects: fedora-all [bug 1312856]
Comment 4 Martin Prpič 2016-02-29 12:02:34 UTC
Created mingw-openssl tracking bugs for this issue: Affects: fedora-all [bug 1312857]
Comment 5 Martin Prpič 2016-02-29 12:33:10 UTC
Acknowledgments: Name: the OpenSSL project Upstream: Guido Vranken
Comment 6 Fedora Update System 2016-03-03 20:22:27 UTC
openssl-1.0.2g-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 7 Huzaifa S. Sidhpurwala 2016-03-10 08:51:56 UTC
Statement: The original issue fixed by OpenSSL upstream contains two distinct fixes. The first one is a format string flaw in the internal fmtstr functions, which may result in a OOB read flaw when printing very large string. This issue was assigned CVE-2016-0799 The second issue relates to the internal doapr_outch function of OpenSSL. It can result in an OOB write, or cause memory leaks. This issue has been assigned CVE-2016-2842 by MITRE as is now tracked as https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2842
Comment 8 Fedora Update System 2016-03-13 09:51:42 UTC
openssl-1.0.1k-14.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Comment 15 errata-xmlrpc 2016-05-09 09:28:36 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:0722 https://rhn.redhat.com/errata/RHSA-2016-0722.html
Comment 16 errata-xmlrpc 2016-05-10 04:20:10 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0996 https://rhn.redhat.com/errata/RHSA-2016-0996.html
Comment 19 jkeilson 2016-05-16 15:42:40 UTC
There appears to be a problem with the source RPM for RHEL6. It looks like something is wrong with one of the certs used in the tests.
Comment 23 Tomas Mraz 2016-05-17 14:12:46 UTC
(In reply to jkeilson from comment #19) > There appears to be a problem with the source RPM for RHEL6. It looks like > something is wrong with one of the certs used in the tests. Unfortunately the certs used for the tests expired. If you want to rebuild the source you have to artificially manipulate the date on the machine used to the rebuild or disable the tests. The certs will be updated in future openssl erratum.
Comment 25 Fedora Update System 2016-05-27 23:16:22 UTC
openssl101e-1.0.1e-8.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
Comment 27 errata-xmlrpc 2016-10-18 07:08:27 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2016:2073 https://rhn.redhat.com/errata/RHSA-2016-2073.html
Comment 28 errata-xmlrpc 2016-12-15 22:16:24 UTC
This issue has been addressed in the following products: Via RHSA-2016:2957 https://rhn.redhat.com/errata/RHSA-2016-2957.html