Bug 13266

Summary: [CVE 21] libmysofa 1.0 CVEs found
Product: [ROSA-based products] ROSA Fresh Reporter: Yury <y.tumanov>
Component: System (kernel, glibc, systemd, bash, PAM...)Assignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: High CC: a.proklov, pastordidi, s.matveev, v.potapov, y.tumanov
Version: AllFlags: v.potapov: qa_verified+
y.tumanov: secteam_verified+
a.proklov: published+
Target Milestone: 2021.1 Fresh R12   
Hardware: All   
OS: Linux   
URL: CVE-2020-36148, CVE-2020-36149, CVE-2020-36150, CVE-2020-36151, CVE-2020-36152, CVE-2021-3756,
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Yury 2023-05-03 13:58:56 MSK 
Please patch CVEs for package libmysofa version 1.0  
INFO (CVEs are): libmysofa 1.0 cves found
CVE-2020-36148
Desc: Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36148
Severity: MEDIUM
CVE-2020-36149
Desc: Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36149
Severity: MEDIUM
CVE-2020-36150
Desc: Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36150
Severity: MEDIUM
CVE-2020-36151
Desc: Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36151
Severity: MEDIUM
CVE-2020-36152
Desc: Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36152
Severity: HIGH
CVE-2021-3756
Desc: libmysofa is vulnerable to Heap-based Buffer Overflow
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-3756
Severity: CRITICAL
Comment 1 Svyatoslav Matveev 2023-05-04 12:18:23 MSK 
********** QA ADVISORY **********

Уязвимости закрыты обновлением.

*** libmysofa
**  upd: 1.0 -> 1.3.1

https://abf.io/build_lists/4434379
https://abf.io/build_lists/4434380
https://abf.io/build_lists/4434378
https://abf.io/build_lists/4434382
https://abf.io/build_lists/4434381
Comment 2 Dmitry Postnikov 2023-05-04 18:01:08 MSK 
***************************
The update sent to testings
Comment 3 Vladimir Potapov 2023-05-10 12:41:05 MSK 
libmysofa-1.3.1-1
https://abf.io/build_lists/4434379
https://abf.io/build_lists/4434380
https://abf.io/build_lists/4434378
https://abf.io/build_lists/4434382
https://abf.io/build_lists/4434381
************************** Advisory *************************
upd: 1.0 -> 1.3.1
Fix CVEs
*************************************************************
QA Verified
Comment 4 Yury 2023-07-25 12:04:28 MSK 
Secteam Verified