Bug 1912960 (CVE-2019-25013)

Summary: CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aoliva, arjun.is, ashankar, bdettelb, cmoore, codonell, cperry, csvoboda, dchong, dj, dramseur, fcanogab, fweimer, glibc-bugzilla, gmccullo, jhunter, jminter, kaycoth, kmitts, kmullins, kwalsh, law, mbenatto, mfabian, mgala, mjudeiki, mnewsome, pfrankli, rth, sadams, scorneli, sipoyare, tomckay
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: glibc 2.33 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in glibc. When processing input in the EUC-KR encoding, an invalid input sequence could cause glibc to read beyond the end of a buffer, resulting in a segmentation fault. The highest threat from this vulnerability is to system availability.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-02 14:42:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1912543, 1912544, 1913056, 1913542, 1914218, 1914219, 1914220, 1914221, 1914222, 1914325, 1914326, 1914327, 1914328, 1914329, 1968669, 1968670, 1968671    
Bug Blocks: 1912962, 1954955    

Description Guilherme de Almeida Suckevicz 2021-01-05 17:04:35 UTC 
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=24973

Upstream patch:
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
Comment 1 Guilherme de Almeida Suckevicz 2021-01-05 20:46:46 UTC 
Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1913056]
Comment 19 errata-xmlrpc 2021-02-02 12:08:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:0348 https://access.redhat.com/errata/RHSA-2021:0348
Comment 20 Product Security DevOps Team 2021-02-02 14:42:18 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-25013
Comment 24 Huzaifa S. Sidhpurwala 2021-02-23 10:04:15 UTC 
Statement:

This flaw has been rated as having moderate impact for glibc packages shipped with Red Hat Enterprise Linux because, the maximum impact of this vulnerability is a crash, and it relies on processing untrusted input in an uncommon encoding (EUC-KR).  When this encoding is not used, the vulnerability can not be triggered.
Comment 25 errata-xmlrpc 2021-05-18 13:26:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:1585 https://access.redhat.com/errata/RHSA-2021:1585