Vulnerability CVE-2016-2851: Information
Description
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| libotr5 | sisyphus | 4.1.1-alt1 | 4.1.1-alt2 | ALT-PU-2016-1202-1 | 161130 | Fixed |
| libotr5 | p10 | 4.1.1-alt1 | 4.1.1-alt1.2 | ALT-PU-2016-1202-1 | 161130 | Fixed |
| libotr5 | p9 | 4.1.1-alt1 | 4.1.1-alt1.2 | ALT-PU-2016-1202-1 | 161130 | Fixed |
| libotr5 | c10f1 | 4.1.1-alt1 | 4.1.1-alt1.2 | ALT-PU-2016-1202-1 | 161130 | Fixed |
| libotr5 | c9f2 | 4.1.1-alt1 | 4.1.1-alt1.2 | ALT-PU-2016-1202-1 | 161130 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/ |
|
| DSA-3512 |
|
| openSUSE-SU-2016:0708 |
|
| [OTR-users] 20160309 Security Advisory: upgrade to libotr 4.1.1 |
|
| 20160309 Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" |
|
| 84285 |
|
| USN-2926-1 |
|
| openSUSE-SU-2016:0732 |
|
| GLSA-201701-10 |
|
| 39550 |
|
| 20160309 Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" |
|