ALAS2-2019-1359
Published: Nov 11, 2019, 17:38
Source: alas.aws.amazon.com

Medium: libevent

CVSS2: 7.5 (High), vector AV:N/AC:L/Au:N/C:P/I:P/A:P
  (Access Vector: Network; Access Complexity: Low; Authentication: None;
   Confidentiality, Integrity and Availability Impact: Partial)
EPSS: 0.005 (Low), percentile 75.1%
AI Score: 10 (High), confidence High

Issue Overview:

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via “insanely large inputs” to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later. (CVE-2014-6272)

Multiple integer overflow flaws were found in libevent's evbuffer API. An attacker able to make an application pass an excessively long input to libevent through this API could use these flaws to make the application enter an infinite loop, crash, or possibly execute arbitrary code. CVE-2015-6525 covers the evbuffer functions that are only affected in libevent 2.0 and later; the older 1.4.x code paths are tracked under CVE-2014-6272 above. (CVE-2015-6525)
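The arithmetic behind both CVEs, as an added example that is not libevent's own code: a toy contiguous buffer whose capacity check and growth loop are written the vulnerable way next to the hardened way. All names (fits_vulnerable, grow_hardened, tbuf_add, demo_add_sequence) and the 8-byte and 256-byte block sizes are constructed for this illustration; libevent's real evbuffer is a chain of blocks, but the failure is the same one the advisory describes: off + datlen wraps in size_t so an "insanely large" request looks like it fits (heap overflow on the following copy), and a doubling loop whose size wraps to zero never exits (infinite loop).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable capacity check: off + datlen is computed in size_t and
 * wraps for datlen close to SIZE_MAX, so an "insanely large" input
 * looks like it fits; the memcpy of datlen bytes that follows would
 * then write far past the end of the heap block. */
bool fits_vulnerable(size_t off, size_t cap, size_t datlen)
{
    size_t need = off + datlen;          /* may wrap around to a small value */
    return need <= cap;
}

/* Hardened check: refuse before the addition can overflow. */
bool fits_hardened(size_t off, size_t cap, size_t datlen)
{
    if (datlen > SIZE_MAX - off)         /* off + datlen would wrap */
        return false;
    return off + datlen <= cap;
}

/* Vulnerable growth policy: double the block until it is big enough.
 * The unguarded original,  while (cur < need) cur <<= 1;  wraps cur to 0
 * once it passes the top power of two and then never terminates. This
 * copy detects the wrap and returns 0 so the example does not hang;
 * a 0 result means "the unguarded loop would spin forever". */
size_t grow_vulnerable(size_t cur, size_t need)
{
    while (cur < need) {
        size_t next = cur << 1;
        if (next <= cur)                 /* wrapped (or cur == 0): infinite loop */
            return 0;
        cur = next;
    }
    return cur;
}

/* Hardened growth policy: bound the request before doubling; 0 = refused. */
size_t grow_hardened(size_t cur, size_t need)
{
    if (cur == 0 || need > SIZE_MAX / 2) /* no power-of-two block can hold it */
        return 0;
    while (cur < need)
        cur <<= 1;                       /* cannot wrap: cur < need <= SIZE_MAX/2 */
    return cur;
}

/* Toy contiguous buffer (constructed for this example; a real evbuffer
 * is a chain of blocks, but the arithmetic hazard is the same). */
struct tbuf {
    unsigned char *data;
    size_t off;                          /* bytes in use */
    size_t cap;                          /* bytes allocated */
};

/* Hardened append: 0 on success, -1 if the request is rejected. */
int tbuf_add(struct tbuf *b, const void *src, size_t datlen)
{
    if (datlen > SIZE_MAX - b->off)      /* the pre-addition bound the CVEs lacked */
        return -1;
    size_t need = b->off + datlen;
    if (need > b->cap) {
        size_t newcap = grow_hardened(b->cap, need);
        if (newcap == 0)
            return -1;
        unsigned char *p = realloc(b->data, newcap);
        if (p == NULL)
            return -1;
        b->data = p;
        b->cap = newcap;
    }
    memcpy(b->data + b->off, src, datlen);
    b->off += datlen;
    return 0;
}

/* Drives the hardened buffer through a plain append, a grow, and an
 * oversized request; returns the final byte count, or -1 on any surprise. */
long demo_add_sequence(void)
{
    struct tbuf b = { malloc(8), 0, 8 };
    if (b.data == NULL)
        return -1;
    long result = -1;
    if (tbuf_add(&b, "hello", 5) == 0 && b.off == 5 &&
        tbuf_add(&b, "world!", 6) == 0 && b.off == 11 && b.cap == 16 &&
        tbuf_add(&b, "", SIZE_MAX) == -1 &&      /* rejected, state untouched */
        b.off == 11 && memcmp(b.data, "helloworld!", 11) == 0)
        result = (long)b.off;
    free(b.data);
    return result;
}

int main(void)
{
    size_t huge = SIZE_MAX - 8;
    printf("vulnerable check lets %zu bytes into a 256-byte block: %d\n",
           huge, fits_vulnerable(16, 256, huge));
    printf("hardened check for the same request: %d\n",
           fits_hardened(16, 256, huge));
    printf("vulnerable doubling loop terminates for need=SIZE_MAX/2+2: %d\n",
           grow_vulnerable(256, SIZE_MAX / 2 + 2) != 0);
    printf("hardened buffer final length: %ld\n", demo_add_sequence());
    return 0;
}
```

The two guards are the whole fix: compare datlen against SIZE_MAX minus the current length before adding, and bound a growth request before any loop that shifts or multiplies the size. Both checks are cheap enough to keep on every call; the cost of omitting them is a remote crash or worse from a single oversized write.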

Affected Packages:

libevent

Note:

This advisory applies to the Amazon Linux 2 (AL2) Core repository. See the ALAS FAQ for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update libevent to update your system, then confirm that the installed libevent package is at or above release 2.0.21-4.amzn2.0.3 (listed below). Note that the fixed AL2 package keeps the upstream version number 2.0.21 with the fix backported, so a scanner that only keys on "2.0.x before 2.0.22" will keep flagging a patched host; check the package release, not the upstream version.

New Packages:

aarch64:
    libevent-2.0.21-4.amzn2.0.3.aarch64
    libevent-devel-2.0.21-4.amzn2.0.3.aarch64
    libevent-debuginfo-2.0.21-4.amzn2.0.3.aarch64

i686:
    libevent-2.0.21-4.amzn2.0.3.i686
    libevent-devel-2.0.21-4.amzn2.0.3.i686
    libevent-debuginfo-2.0.21-4.amzn2.0.3.i686

noarch:
    libevent-doc-2.0.21-4.amzn2.0.3.noarch

src:
    libevent-2.0.21-4.amzn2.0.3.src

x86_64:
    libevent-2.0.21-4.amzn2.0.3.x86_64
    libevent-devel-2.0.21-4.amzn2.0.3.x86_64
    libevent-debuginfo-2.0.21-4.amzn2.0.3.x86_64

Additional References

Red Hat: CVE-2014-6272, CVE-2015-6525

MITRE: CVE-2014-6272, CVE-2015-6525
