Bug 663673 (CVE-2010-4352)
| Field | Value |
|---|---|
| Summary | CVE-2010-4352 D-BUS: Stack overflow by validating message with excessive number of nested variants |
| Product | [Other] Security Response |
| Reporter | Jan Lieskovsky <jlieskov> |
| Component | vulnerability |
| Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA |
| Severity | medium |
| Priority | medium |
| Version | unspecified |
| CC | dcbw, lpoetter, mclasen, rhughes, vkrizan, walters |
| Keywords | Security |
| Hardware | All |
| OS | Linux |
| Doc Type | Bug Fix |
| Last Closed | 2015-07-29 13:31:58 UTC |
| Bug Depends On | 663744, 684850, 684851, 684852, 684853, 844272 |
Description

Jan Lieskovsky, 2010-12-16 15:27:10 UTC

This issue did NOT affect the version of the dbus package, as shipped with Red Hat Enterprise Linux 4.

This issue affects the versions of the dbus package, as shipped with Red Hat Enterprise Linux 5 and 6.

This issue affects the versions of the dbus package, as shipped with Fedora releases 13 and 14.

Created dbus tracking bugs for this issue

Affects: fedora-all [bug 663744]

The CVE identifier of CVE-2010-4352 has been assigned to this issue.

Issue fixed in upstream dbus-v1.4.1 version:
https://bugs.freedesktop.org/show_bug.cgi?id=32321#c12

From the NEWS:

D-Bus 1.4.1 (20 December 2010)

• Fix for CVE-2010-4352: sending messages with excessively-nested variants can crash the bus. The existing restriction to 64 levels of nesting previously only applied to the static type signature; now it also applies to dynamic nesting using variants. Thanks to Rémi Denis-Courmont for discovering this issue.
• OS X portability fixes, including launchd support.
• Windows autolaunch improvements.
• Various bug fixes

Relevant upstream changeset:
http://cgit.freedesktop.org/dbus/dbus/commit/?id=7d65a3a6ed8815e34a99c680ac3869fde49dbbd4

Created attachment 486272: updated rhel5 backport

This patch is what I had locally for RHEL5.

This issue has been addressed in the following products:

Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5

Via RHSA-2011:0376 https://rhn.redhat.com/errata/RHSA-2011-0376.html
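The NEWS entry quoted above describes the fix as extending the 64-level nesting limit from the static type signature to variants carried in the message body. The following added example is not libdbus, upstream or Red Hat code; it models that distinction in Python with a static signature-depth check, a body walk that follows each variant's own signature, and a validator applying the limit of 64 named on this page. The `Variant` type, the helper names and the deliberately deep test body built by `nested_variants` are constructed for the example.

```python
"""Constructed model of the CVE-2010-4352 fix, not libdbus code: the 64-level
nesting cap must cover variants' in-body signatures, not just the header's."""
from collections import namedtuple
MAX_DEPTH = 64                                 # limit named in the NEWS entry
BASIC = set("ybnqiuxtdsogh")                   # D-Bus basic type codes
Variant = namedtuple("Variant", "signature value")  # self-describing value

def _parse_one(sig, i, depth):
    """Parse one complete type at sig[i]; return (end_index, max_depth)."""
    c = sig[i]
    if c in BASIC or c == "v":                 # a variant looks flat here
        return i + 1, depth
    if c == "a":                               # array: element type follows
        return _parse_one(sig, i + 1, depth + 1)
    close, i, deepest = {"(": ")", "{": "}"}[c], i + 1, depth + 1
    while sig[i] != close:                     # struct / dict-entry fields
        i, d = _parse_one(sig, i, depth + 1)
        deepest = max(deepest, d)
    return i + 1, deepest

def split_types(sig):
    """Split a signature into its complete single types."""
    out, i = [], 0
    while i < len(sig):
        j, _ = _parse_one(sig, i, 0)
        out, i = out + [sig[i:j]], j
    return out

def signature_depth(sig):                      # static check (pre-1.4.1 only)
    return max([_parse_one(t, 0, 0)[1] for t in split_types(sig)] or [0])

def body_depth(sig, value, depth=0):
    """Depth a body really reaches, following variant signatures (the fix)."""
    if sig in BASIC:
        return depth
    if sig == "v":                             # descend into the variant's type
        return body_depth(value.signature, value.value, depth + 1)
    if sig[0] == "a":                          # every element has type sig[1:]
        return max([body_depth(sig[1:], v, depth + 1) for v in value] or [depth + 1])
    fields = split_types(sig[1:-1])            # struct or dict entry
    return max([body_depth(f, v, depth + 1) for f, v in zip(fields, value)] or [depth + 1])

def validate(sig, body):                       # accept only within the cap
    return signature_depth(sig) <= MAX_DEPTH and body_depth(sig, body) <= MAX_DEPTH

def nested_variants(n):                        # constructed test body
    sig, value = "i", 7                        # innermost payload: int32 7
    for _ in range(n):                         # wrap it in n variants
        sig, value = "v", Variant(sig, value)
    return sig, value
```

A header signature of just `v` passes `signature_depth` with depth 0 however many variants the body chains, which is exactly why the static check alone was insufficient.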