Bug 652335

Summary: mod_ssl possible memory corruption
Product: Red Hat Enterprise Linux 6
Reporter: Joe Orton <jorton>
Component: httpd
Assignee: Joe Orton <jorton>
Status: CLOSED ERRATA
QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium
Docs Contact:
Priority: medium
Version: 6.0
CC: ddumas, superber, syeghiay
Target Milestone: rc
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version: httpd-2.2.15-9.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 636427
Environment:
Last Closed: 2011-05-19 14:07:55 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description Joe Orton 2010-11-11 16:56:02 UTC
+++ This bug was initially created as a clone of Bug #636427 +++

Description of problem:
A bug has been found in mod_ssl where it uses memcpy in place of
memmove, which can cause random memory corruption.  Whilst this
has not been seen in RHEL-6 as yet, future changes to the glibc memcpy 
implementation may trigger this and break mod_ssl; it would be
prudent to fix this in the RHEL-6 httpd.  Some change to the 
Fedora/upstream glibc memcpy implementation (or possibly the gcc
inline memcpy) has been triggering new reports of this recently.

This is a low-risk change; fix tested successfully in Fedora and upstream.

Version-Release number of selected component (if applicable):
httpd-2.2.15-5.el6

How reproducible:
currently not known to be, in RHEL6
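
The memcpy/memmove distinction the description relies on, shown as an added example (not code from this bug report or from httpd). It models a generic "shift the unconsumed tail of an input buffer to the front" step, which is an assumed illustration of the kind of overlapping copy involved, not mod_ssl's actual routine. memcpy's contract forbids overlapping regions, so an implementation is free to copy back-to-front; the constructed memcpy_backward below is such an implementation and silently corrupts the overlapping shift, while a forward copy only works by accident and memmove is correct by contract.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample payload: `len` buffered bytes, of which the first
 * `consumed` have been handed to the caller and the rest must move to
 * the front of the buffer. */
#define SAMPLE "ABCDEFGH"

/* Legal under memcpy's contract (no overlap allowed), copies front-to-back.
 * An overlapping shift-left happens to survive this order. */
static void *memcpy_forward(void *dst, const void *src, size_t n)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    for (size_t i = 0; i < n; i++)
        d[i] = s[i];
    return dst;
}

/* Equally legal under memcpy's contract, copies back-to-front.  Some
 * optimised memcpy implementations do this for certain sizes; this is
 * the behaviour that breaks code relying on memcpy for overlapping moves. */
static void *memcpy_backward(void *dst, const void *src, size_t n)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    while (n-- > 0)
        d[n] = s[n];
    return dst;
}

/* Shift the unconsumed tail to the front with a memcpy-style routine.
 * dst [0, remaining) and src [consumed, len) overlap whenever
 * consumed < remaining, which violates memcpy's precondition. */
static size_t compact_with(void *(*copy)(void *, const void *, size_t),
                           char *buf, size_t len, size_t consumed)
{
    size_t remaining = len - consumed;
    copy(buf, buf + consumed, remaining);
    return remaining;
}

/* The correct version: memmove is defined for overlapping regions. */
static size_t compact_safe(char *buf, size_t len, size_t consumed)
{
    size_t remaining = len - consumed;
    memmove(buf, buf + consumed, remaining);
    return remaining;
}

/* Run one compaction of SAMPLE and report whether the tail survived
 * intact (1) or was corrupted (0).  copy == NULL selects memmove. */
int tail_intact(void *(*copy)(void *, const void *, size_t), size_t consumed)
{
    char buf[sizeof SAMPLE];
    size_t len = sizeof SAMPLE - 1;
    size_t remaining;

    memcpy(buf, SAMPLE, sizeof SAMPLE);     /* non-overlapping: fine */
    remaining = copy ? compact_with(copy, buf, len, consumed)
                     : compact_safe(buf, len, consumed);
    return memcmp(buf, SAMPLE + consumed, remaining) == 0;
}

int main(void)
{
    /* consumed = 2 makes src and dst overlap by four bytes */
    printf("memmove          : %s\n", tail_intact(NULL, 2) ? "ok" : "corrupt");
    printf("forward memcpy   : %s\n", tail_intact(memcpy_forward, 2) ? "ok" : "corrupt");
    printf("backward memcpy  : %s\n", tail_intact(memcpy_backward, 2) ? "ok" : "corrupt");
    /* consumed = 6 leaves no overlap, so every routine is correct */
    printf("backward, no overlap: %s\n", tail_intact(memcpy_backward, 6) ? "ok" : "corrupt");
    return 0;
}
```

The point for review and for detection: a memcpy on overlapping buffers is a latent defect even while the current libc happens to copy in a favourable order, which is exactly why the description calls for fixing it before a glibc change exposes it. Valgrind's memcheck reports such calls as "Source and destination overlap in memcpy", which is a cheap way to find them in test runs.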

Comment 4 albert 2011-02-04 19:20:15 UTC
I think this bug is the cause for lots of random errors when using https:

Your browser sent a request that this server could not understand
Request header field is missing ':' separator.

These errors happen with an SSL-enabled httpd in front of several tomcat5.5, tomcat6 and jboss servers (mod_jk used). With plain httpd, no errors appear on any application.

Comment 5 albert 2011-02-04 19:21:59 UTC
(In reply to comment #4)
>  With plain httpd, no errors appear any application.

plain http, sorry

Comment 11 errata-xmlrpc 2011-05-19 14:07:55 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0706.html