Bug 2161571 (CVE-2022-47629)

Summary: CVE-2022-47629 libksba: integer overflow to code execution
Product: [Other] Security Response
Reporter: Sandipan Roy <saroy>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high    
Version: unspecified
CC: acrosby, adudiak, ahanwate, aoconnor, arachman, bdettelb, caswilli, dffrench, dhalasz, dkuc, drieden, fcanogab, fjansen, gzaronik, hariharank, hbraun, hkataria, ikanias, jary, jburrell, jjelen, jkoehler, jmitchel, jsherril, jtanner, jwon, kaycoth, kshier, lveyde, michal.skrivanek, micjohns, mperina, ngough, nweather, oezr, psegedy, rbobbitt, rgodfrey, rludva, rravi, sbonazzo, security-response-team, stcannon, sthirugn, szidek, tcarlin, tfister, tohughes, trathi, tsasak, vkrizan, vmugicag, yguenane
Target Milestone: ---
Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Doc Text:
A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Last Closed: 2023-02-10 03:06:50 UTC
Bug Depends On: 2161574, 2161575, 2161576, 2161577, 2161578, 2161579, 2161580, 2161581, 2161582, 2161583, 2164760    
Bug Blocks: 2134910    

Comment 13 errata-xmlrpc 2023-01-30 15:21:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:0530 https://access.redhat.com/errata/RHSA-2023:0530

Comment 16 errata-xmlrpc 2023-02-06 16:34:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:0593 https://access.redhat.com/errata/RHSA-2023:0593

Comment 17 errata-xmlrpc 2023-02-06 16:34:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:0592 https://access.redhat.com/errata/RHSA-2023:0592

Comment 18 errata-xmlrpc 2023-02-06 16:39:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:0594 https://access.redhat.com/errata/RHSA-2023:0594

Comment 19 errata-xmlrpc 2023-02-07 15:38:59 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:0625 https://access.redhat.com/errata/RHSA-2023:0625

Comment 20 errata-xmlrpc 2023-02-07 15:39:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:0624 https://access.redhat.com/errata/RHSA-2023:0624

Comment 21 errata-xmlrpc 2023-02-07 15:39:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:0626 https://access.redhat.com/errata/RHSA-2023:0626

Comment 22 errata-xmlrpc 2023-02-07 15:47:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:0629 https://access.redhat.com/errata/RHSA-2023:0629

Comment 23 Product Security DevOps Team 2023-02-10 03:06:47 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-47629

Comment 24 errata-xmlrpc 2023-02-14 11:49:09 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2023:0756 https://access.redhat.com/errata/RHSA-2023:0756

Comment 26 errata-xmlrpc 2023-02-20 12:41:06 UTC
This issue has been addressed in the following products:

  Cryostat 2 on RHEL 8

Via RHSA-2023:0814 https://access.redhat.com/errata/RHSA-2023:0814

Comment 27 errata-xmlrpc 2023-02-21 10:40:38 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Via RHSA-2023:0859 https://access.redhat.com/errata/RHSA-2023:0859