Bug 190208

Summary: CVE-2006-2083 rsync buffer overflow issue
Product: [Fedora] Fedora
Reporter: Josh Bressers <bressers>
Component: rsync
Assignee: Simo Sorce <ssorce>
Status: CLOSED CURRENTRELEASE
Severity: medium
Priority: medium
Version: 5
Keywords: Security
Hardware: All
OS: Linux
Whiteboard: public=20060422,impact=moderate,reported=20060420,source=secalert
Fixed In Version: 2.6.8-1
Doc Type: Bug Fix
Last Closed: 2007-02-16 14:47:08 UTC

Description Josh Bressers 2006-04-28 19:45:01 UTC
rsync buffer overflow issue

The receive_xattr() function creates a buffer by adding two integer
variables together without verifying the resultant sum hasn't caused
an integer overflow.

The fix, which is a patch of a patch, is here:

http://cvs.samba.org/cgi-bin/cvsweb/rsync/patches/xattrs.diff.diff?r1=1.23&r2=1.24

Only the last few lines matter for this patch; the rest is the result
of making a minor modification in a patch.


This issue also affects FC4.
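
The defect class described above, as an added example that is not rsync's code and is not taken from the linked patch: two peer-supplied signed lengths are validated before their sum is used to size a buffer. The names `checked_total_len`, `alloc_record`, `name_len` and `datum_len` are hypothetical, and the inputs in `main` are constructed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: validate two peer-supplied signed lengths before
 * they are added to size a buffer. Returns 0 and stores the sum in *total,
 * or -1 if a length is negative or the sum would exceed INT_MAX. */
int checked_total_len(int name_len, int datum_len, size_t *total)
{
    if (name_len < 0 || datum_len < 0)
        return -1;
    /* Test before adding: signed overflow is undefined behaviour in C,
     * so the sum itself cannot be inspected after the fact. */
    if (name_len > INT_MAX - datum_len)
        return -1;
    *total = (size_t)name_len + (size_t)datum_len;
    return 0;
}

/* Hypothetical allocator for a name+value record. Returns NULL when the
 * lengths are rejected or the allocation fails; on success *out_len holds
 * the usable size. */
char *alloc_record(int name_len, int datum_len, size_t *out_len)
{
    size_t total;
    if (checked_total_len(name_len, datum_len, &total) != 0)
        return NULL;
    char *buf = calloc(total ? total : 1, 1);
    if (buf != NULL)
        *out_len = total;
    return buf;
}

int main(void)
{
    size_t n = 0;
    /* Constructed inputs: one ordinary pair, one pair whose sum wraps. */
    char *ok = alloc_record(8, 24, &n);
    printf("8 + 24 -> %s (%zu bytes)\n", ok ? "allocated" : "rejected", n);
    free(ok);
    char *bad = alloc_record(INT_MAX, 16, &n);
    printf("INT_MAX + 16 -> %s\n", bad ? "allocated" : "rejected");
    free(bad);
    return 0;
}
```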