Bug 515698 (CVE-2009-2412)

Summary: CVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: jorton, kreilly, mjc, pcheung, security-response-team, tcallawa, whattherockfor
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://marc.info/?l=apr-dev&m=124941743930317&w=2
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 17:11:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 515705, 515707, 515708, 515709, 515710, 515711, 515712, 515713, 515714, 515900, 515901, 591930, 595829, 795917    
Bug Blocks:    

Description Jan Lieskovsky 2009-08-05 12:30:54 UTC 
Multiple integer overflow flaws, leading to heap-based overflows were found
in the way Apache Portable Runtime (APR) library used to manage memory
pool and relocatable memory allocations. An attacker could issue 
a specially-crafted request for memory allocation, leading to denial
of service (crash) or, potentially, execute arbitrary code with the
privileges of an application using APR library.

Upstream patches:
-----------------
http://www.apache.org/dist/apr/patches/
Comment 6 Fedora Update System 2009-08-07 04:57:18 UTC 
apr-util-1.3.9-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2009-08-07 05:01:15 UTC 
apr-1.3.8-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2009-08-07 05:05:08 UTC 
apr-util-1.3.9-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2009-08-07 05:08:18 UTC 
apr-1.3.8-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 errata-xmlrpc 2009-08-10 17:22:46 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 4

Via RHSA-2009:1204 https://rhn.redhat.com/errata/RHSA-2009-1204.html
Comment 11 errata-xmlrpc 2009-08-10 17:40:24 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3

Via RHSA-2009:1205 https://rhn.redhat.com/errata/RHSA-2009-1205.html
Comment 12 errata-xmlrpc 2009-09-24 15:17:08 UTC 
This issue has been addressed in following products:

  JBEWS 1.0.0 for RHEL 4

Via RHSA-2009:1462 https://rhn.redhat.com/errata/RHSA-2009-1462.html
Comment 13 Jan Lieskovsky 2009-09-25 16:09:33 UTC 
Issue was fixed in upstream Apache httpd 2.2.13 version:

  http://httpd.apache.org/security/vulnerabilities_22.html
Comment 15 errata-xmlrpc 2010-08-04 21:31:03 UTC 
This issue has been addressed in following products:

  Red Hat Certificate System 7.3

Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html