Bug 1394790 (CVE-2016-9296)

Summary: CVE-2016-9296 p7zip: Null pointer dereference in 7zIn.cpp
Product: [Other] Security Response Reporter: Andrej Nemec <anemec>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: matthias, sergio
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-12-12 15:18:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1394794, 1394795    
Bug Blocks:    

Description Andrej Nemec 2016-11-14 13:13:29 UTC 
A null pointer dereference vulnerability was found in p7zip. Malformed 7z file could cause the application to crash.

Upstream bug:

https://sourceforge.net/p/p7zip/bugs/185/
Comment 1 Andrej Nemec 2016-11-14 13:16:26 UTC 
Created p7zip tracking bugs for this issue:

Affects: fedora-all [bug 1394794]
Affects: epel-all [bug 1394795]
Comment 2 Sergio Basto 2016-12-13 18:27:07 UTC 
p7zip 16.02 + more CVE-2016-9296.patch [1] = p7zip 16.02-2 

[1] 
https://src.fedoraproject.org/cgit/rpms/p7zip.git/tree/CVE-2016-9296.patch
Comment 3 Tomas Hoger 2016-12-13 20:50:05 UTC 
Fixed In Version field here is meant to note fixed upstream version.  Based on your comment 2, it should not note 16.02.  If there is not fixed upstream version yet, it should be left blank.