Closed l2dy closed 6 years ago
We are not affected, since we are on the 1.9 branch and Ubuntu's newer branches (whch use the 1.9 branch) are not marked as affected. Marking invalid.
e.g. CVE-2017-9146
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.
Hmm I wonder why Ubuntu didn't even bother. Reopening.
Fixed CVE-2017-9058, CVE-2017-9146, and CVE-2017-12141 with https://github.com/AOSC-Dev/aosc-os-abbs/commit/3bf37178b0ad04437823361596d6a6cb0c98f9a9. Other fixes pending.
@l2dy Please assign an AOSA for the current fixes.
Use AOSA-2018-0259 for CVE-2017-9058, CVE-2017-9146, CVE-2017-12141.
New mitigation measurements: CVE-2017-9471: https://github.com/Yeraze/ytnef/pull/56 CVE-2017-9473: https://github.com/Yeraze/ytnef/pull/57
@l2dy Assign AOSA for the fix: f7e1041e56fd2f0138372f384cea6cb47cb45446
Use AOSA-2018-0276 for CVE-2017-9471, CVE-2017-9473.
Cross-References: USN-3667-1
Hopefully, upstream will release a new version soon.