Bug 449933
Summary: | buffer overflow when using command `ip xfrm` | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Yang Ren <ryang> | ||||
Component: | iproute | Assignee: | Marcela Mašláňová <mmaslano> | ||||
Status: | CLOSED ERRATA | QA Contact: | Brock Organ <borgan> | ||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 5.2 | CC: | desktop-bugs, herbert.xu, iboverma, jakub, jhrozek, latten, lwang, tao | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-01-20 22:00:14 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 253764 | ||||||
Attachments: |
|
Description
Yang Ren
2008-06-04 11:09:21 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release. *** Bug 444724 has been marked as a duplicate of this bug. *** What are you trying to set up here? An integrity-only ESP SA? The keyword "auth" takes an integrity algorithm, but 3des is a confidentiality algorithm. So perhaps you want to s/auth/enc/? The problem is that iproute does not check its parameters for correctness enough. If the parameters are incorrect, iproute should not crash, but write some readable error message. I tried different combination of parametres and it's crashing after applying patch for xfrm support in this case :( ip is not a privileged command so it crashing on bogus parameters is hardly an important issue. I thought so, I'll give back low priority. *** Bug 458480 has been marked as a duplicate of this bug. *** An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0204.html |