Bug 2303461
| Summary: | CVE-2024-43167 unbound: NULL Pointer Dereference in Unbound [fedora-all] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Abhishek Raj <abhraj> |
| Component: | unbound | Assignee: | Petr Menšík <pemensik> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 40 | CC: | paul.wouters, pemensik, pj.pandit |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["37d96366-f860-4d3b-aff7-27e4d1a45b7a"]} | ||
| Fixed In Version: | unbound-1.21.1-3.fc40 unbound-1.21.1-1.fc41 unbound-1.21.1-3.fc39 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2024-10-06 02:11:44 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2305092, 2316313 | ||
| Bug Blocks: | 2303456 | ||
|
Description
Abhishek Raj
2024-08-07 13:45:15 UTC
I cannot access bug link provided. There is no useful information in this bug itself. Without access to any details known, this bug cannot be worked on. (In reply to Petr Menšík from comment #1) > I cannot access bug link provided. There is no useful information in this > bug itself. Without access to any details known, this bug cannot be worked > on. A NULL pointer dereference was found in Unbound versions <= 1.20.0. The vulnerability occurs in the ub_ctx_set_fwd function in libunbound.c. When a specific sequence of API calls is made, the program attempts to read memory from a NULL pointer, resulting in a segmentation fault. This can cause the application to crash, leading to a denial of service. The issue is triggered by a particular use of the ub_ctx_set_fwd and ub_ctx_resolvconf functions. . (In reply to Abhishek Raj from comment #2) > (In reply to Petr Menšík from comment #1) > > I cannot access bug link provided. There is no useful information in this > > bug itself. Without access to any details known, this bug cannot be worked > > on. > > A NULL pointer dereference was found in Unbound versions <= 1.20.0. The > vulnerability occurs in the ub_ctx_set_fwd function in libunbound.c. When a > specific sequence of API calls is made, the program attempts to read memory > from a NULL pointer, resulting in a segmentation fault. This can cause the > application to crash, leading to a denial of service. The issue is triggered > by a particular use of the ub_ctx_set_fwd and ub_ctx_resolvconf functions. . Reference: https://github.com/NLnetLabs/unbound/issues/1072 https://github.com/NLnetLabs/unbound/pull/1073/files Ah, excelent. This is too fixed with recent rebase to 1.21.0 (bug #2316313), in all releases to 1.21.1 (bug #2316313), but not yet added to updates. FEDORA-2024-a5d6cd9f0a (unbound-1.21.1-1.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-a5d6cd9f0a FEDORA-2024-c07e065747 (unbound-1.21.1-3.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-c07e065747 FEDORA-2024-2ba00c906c (unbound-1.21.1-3.fc39) has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2024-2ba00c906c FEDORA-2024-c07e065747 (unbound-1.21.1-3.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2024-a5d6cd9f0a (unbound-1.21.1-1.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2024-2ba00c906c (unbound-1.21.1-3.fc39) has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report. |