Bug 1418611 (CVE-2016-10196)
Summary: | CVE-2016-10196 libevent: Stack-buffer overflow in evutil_parse_sockaddr_port() | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | cschalle, gecko-bugs-nobody, jfeeney, jhorak, rdma-dev-team, steved, stransky, tpopela |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2017-03-24 04:59:34 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1418616 | ||
Bug Blocks: | 1418615 |
Description
Andrej Nemec
2017-02-02 10:33:59 UTC
Created libevent tracking bugs for this issue: Affects: fedora-all [bug 1418616] nfs-utils since rhel-5 does not use embedded libevent libevent.1.4 does not include support for IPv6. openmpi does not use or expose any functions in libevent which expose this vulnerability. Stack canaries prevent exploitation of this flaw for arbitrary code execution, limiting the potential impact to only a crash. This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:1201 https://access.redhat.com/errata/RHSA-2017:1201 |