Bug 527827 (CVE-2009-3575)

Summary: CVE-2009-3575 aria2: buffer overflow vulnerability
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: sundaram
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3575
Whiteboard: impact=moderate,source=cve,reported=20090813,public=20090813,cvss2=
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-01-04 11:49:11 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 527831    
Bug Blocks:    

Description Vincent Danen 2009-10-07 16:03:20 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3575 to
the following vulnerability:

Name: CVE-2009-3575
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575
Assigned: 20091007
Reference: CONFIRM: https://qa.mandriva.com/show_bug.cgi?id=52840
Reference: MANDRIVA:MDVSA-2009:226
Reference: URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:226
Reference: BID:36332
Reference: URL: http://www.securityfocus.com/bid/36332

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,
1.2.0, and other versions allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via unknown
vectors.
Comment 1 Vincent Danen 2009-10-07 16:14:08 EDT
The upstream patch to correct this is here:

http://aria2.svn.sourceforge.net/viewvc/aria2/trunk/src/DHTRoutingTableDeserializer.cc?r1=670&r2=1041&view=patch

This issue affects Fedora 10; Fedora 11 and later is new enough that the offending code has already been fixed upstream.
Comment 3 Fedora Update System 2009-10-07 22:55:39 EDT
aria2-1.3.1-2.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/aria2-1.3.1-2.fc10
Comment 4 Fedora Update System 2009-10-08 23:38:41 EDT
aria2-1.3.1-2.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.