[Git][security-tracker-team/security-tracker][master] 389-ds-base: mark CVE-2018-14638 not affected

Hugo Lefeuvre hle at debian.org
Sat Sep 15 16:08:20 BST 2018


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84eb3bca by Hugo Lefeuvre at 2018-09-15T14:57:18Z
389-ds-base: mark CVE-2018-14638 not affected

CVE-2018-14638: two cloned pblocks share the same password policy,
and under certain circumstances the clone might be freed, consequently
freeing the shared password policy. Later, when the original password
policy is freed, it tries to free the password policy a second time
thus resulting in double free, crash and other undefined behavior.

It seems that this vulnerability first appeared in

74c666b83e3e1789c2ef3f7935c327bd7555193e (after 1.3.6.3), which
introduced the concept of cloning blocks

and

407d7d9de7e9c4db1e4c1f5a1a98890f2474c477 (after 1.3.7.0), which
refactored the pblock to a tree-like structure.

It is not completely clear to me when exactly the vulnerability first
appeared, but it is almost certain that the Jessie version (1.3.3.5)
is not affected since affected concepts are not present at all.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5721,6 +5721,7 @@ CVE-2018-14639
 	RESERVED
 CVE-2018-14638 (A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ...)
 	- 389-ds-base <unfixed> (bug #908859)
+	[jessie] - 389-ds-base <not-affected> (Vulnerable code not present)
 	NOTE: https://pagure.io/389-ds-base/c/78fc627accacfa4061ce48977e22301f81ea8d73
 CVE-2018-14637
 	RESERVED
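
Review bot: the added [jessie] line gives "Vulnerable code not present" as its only justification, and the entry itself does not record which upstream changes introduced the affected code. The commit message names them: 74c666b83e3e1789c2ef3f7935c327bd7555193e (after 1.3.6.3) and 407d7d9de7e9c4db1e4c1f5a1a98890f2474c477 (after 1.3.7.0). Consider adding a NOTE line with those two commits next to the existing NOTE for the fix commit, so the reasoning for jessie (1.3.3.5) is kept in data/CVE/list and can be reused when other releases are triaged. The unversioned <unfixed> line is left as it was, so every release other than jessie stays marked as affected.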



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84eb3bcae498c6e618dea2cc018513e4954d9e69
