Bug 841698 (CVE-2012-3418)
| Summary: | CVE-2012-3418 pcp: multiple integer and heap-based buffer overflow flaws | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | fche, fweimer, kenj, mgoodwin, nathans, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | pcp 3.6.5 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-01-22 16:57:30 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 840822, 840920, 841112, 841126, 841159, 841180, 841183, 841240, 841249, 841284, 841290, 848451, 848629, 848630 | ||
| Bug Blocks: | 841708 | ||
|
Description
Vincent Danen
2012-07-19 22:03:51 UTC
The individual bugs that make up these flaws: bug #840822 Crash in __pmDecodeCreds decoding crafted PDUs bug #840920 pmcd heap-based buffer overflow in __pmDecodeNameList bug #841112 __pmDecodeIDList lacks check against PDU size bug #841126 Missing PDU length checks in __pmDecodeProfile bug #841159 __pmDecodeResult multiple vulnerabilities bug #841180 DecodeNameReq buffer overflow bug #841183 Missing namelen check in __pmDecodeFetch bug #841240 __pmDecodeInstanceReq heap buffer overflow bug #841249 __pmDecodeText heap overflow bug #841284 __pmDecodeInstance vulnerabilities bug #841290 pcp: __pmDecodeLogControl vulnerabilities bug #841306 libpcp additional decoder hardening Respective upstream patches which fix the flaws are included in the individual bugs. Created pcp tracking bugs for this issue Affects: epel-all [bug 848629] This issue was addressed in Fedora and EPEL via the following security updates: Fedora-16: https://admin.fedoraproject.org/updates/pcp-3.6.5-1.fc16 Fedora-17: https://admin.fedoraproject.org/updates/pcp-3.6.5-1.fc17 Rawhide: https://admin.fedoraproject.org/updates/pcp-3.6.5-1.fc18 EPEL-5: https://admin.fedoraproject.org/updates/pcp-3.6.5-1.el5 EPEL-6: https://admin.fedoraproject.org/updates/pcp-3.6.5-1.el6 (In reply to comment #1) > bug #841306 libpcp additional decoder hardening We have excluded this bug from CVE-2012-3418. It is not fixed in pcp-3.6.5. A CVE is not assigned to bug #841306 however, since its not really a flaw, but more of a hardening issue. pcp-3.6.5-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. pcp-3.6.5-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. pcp-3.6.5-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. pcp-3.6.5-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. pcp-3.6.5-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. |