SB2017082916 - Multiple vulnerabilities in Liblouis
Published: August 29, 2017 Updated: August 8, 2020
Description
This security bulletin contains information about 7 security vulnerabilities in Liblouis 3.2.0. All seven lie in the braille translation-table compiler (compileTranslationTable.c) or its logging helper (utils.c), so each is triggered by a crafted translation table that the library is asked to load; any application that compiles tables from untrusted sources is exposed.
1) Out-of-bounds read (CVE-ID: CVE-2017-13738)
The vulnerability allows a remote non-authenticated attacker to crash the application (denial of service).
There is an illegal address access (out-of-bounds read) in the _lou_getALine() function in compileTranslationTable.c:346 in Liblouis 3.2.0. An out-of-bounds read of this kind leads to a crash rather than to code execution.
2) Buffer overflow (CVE-ID: CVE-2017-13739)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
There is a heap-based buffer overflow in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c, that causes an out-of-bounds write of more than two thousand bytes. It will lead to denial of service or potentially remote code execution.
3) Buffer overflow (CVE-ID: CVE-2017-13740)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly other unspecified impact.
4) Use-after-free (CVE-ID: CVE-2017-13741)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.
5) Buffer overflow (CVE-ID: CVE-2017-13742)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile() in compileTranslationTable.c, that will lead to a remote denial of service attack.
6) Buffer overflow (CVE-ID: CVE-2017-13743)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack.
7) Out-of-bounds read (CVE-ID: CVE-2017-13744)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There is an illegal address access (out-of-bounds read) in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0 that will lead to a crash (denial of service).
Remediation
Install the update from the vendor's website (for Red Hat Enterprise Linux, the errata listed in the references). Until the update is applied, do not load braille translation tables from untrusted sources.
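As an added example (not code from the bulletin or from the Liblouis project), the following Python script asks the installed shared library for its version through liblouis's documented lou_version() API and compares it against the affected 3.2.0 release. The minimum fixed version of 3.3.0 is an assumption made for illustration (the next upstream release after 3.2.0); confirm the fixed version against your vendor's advisory before relying on the verdict.

```python
"""Check whether an installed liblouis is old enough to be affected by
SB2017082916 (CVE-2017-13738 through CVE-2017-13744).

Added example, not code from the bulletin or the Liblouis project.
"""
import ctypes
import ctypes.util
import re
from typing import Optional, Tuple

# Version the bulletin names as affected.
AFFECTED_VERSION = (3, 2, 0)

# Assumption (not stated in the bulletin): the first upstream release that
# carries the fixes is taken to be 3.3.0, the next release after 3.2.0.
# Confirm against your vendor's advisory; vendors such as Red Hat backport
# fixes without raising the version string (see RHSA-2017:3111).
MIN_FIXED_VERSION = (3, 3, 0)

CVES = (
    "CVE-2017-13738", "CVE-2017-13739", "CVE-2017-13740", "CVE-2017-13741",
    "CVE-2017-13742", "CVE-2017-13743", "CVE-2017-13744",
)


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract a numeric major.minor[.patch] from strings such as '3.2.0'
    or 'liblouis 3.10'; a missing patch level is read as 0."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_vulnerable(version_text: str) -> Optional[bool]:
    """True if the version is below MIN_FIXED_VERSION, False if at or above
    it, None if no version could be parsed from the string."""
    v = parse_version(version_text)
    if v is None:
        return None
    return v < MIN_FIXED_VERSION


def installed_liblouis_version() -> Optional[str]:
    """Ask the installed shared library for its version through the
    documented lou_version() API; returns None if liblouis is not present."""
    name = ctypes.util.find_library("louis")
    if not name:
        return None
    try:
        lib = ctypes.CDLL(name)
        lib.lou_version.restype = ctypes.c_char_p
        lib.lou_version.argtypes = []
        raw = lib.lou_version()
    except (OSError, AttributeError):
        return None
    return raw.decode("ascii", "replace") if raw else None


def assess(version_text: Optional[str]) -> dict:
    """Turn a version string (or None when the library is absent) into a
    verdict that a fleet inventory script can consume."""
    if version_text is None:
        return {"version": None, "status": "not-installed", "cves": ()}
    verdict = is_vulnerable(version_text)
    if verdict is None:
        status = "unknown"
    elif verdict:
        status = "vulnerable"
    else:
        status = "patched-by-version"
    return {
        "version": version_text,
        "status": status,
        "cves": CVES if verdict else (),
    }


if __name__ == "__main__":
    print(assess(installed_liblouis_version()))
```

A "patched-by-version" result only means the upstream version string is at or above the assumed fix release; a "vulnerable" result on a distribution package may be a false positive if the vendor backported the fixes, so cross-check the package changelog or the vendor errata in the references for such hosts.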
References
- http://www.securityfocus.com/bid/100607
- https://access.redhat.com/errata/RHSA-2017:3111
- https://bugzilla.redhat.com/show_bug.cgi?id=1484297
- https://bugzilla.redhat.com/show_bug.cgi?id=1484299
- https://bugzilla.redhat.com/show_bug.cgi?id=1484306
- https://bugzilla.redhat.com/show_bug.cgi?id=1484332
- https://bugzilla.redhat.com/show_bug.cgi?id=1484334
- https://bugzilla.redhat.com/show_bug.cgi?id=1484335
- https://bugzilla.redhat.com/show_bug.cgi?id=1484338