Bug 1066609 (CVE-2014-2031, CVE-2014-2032) - CVE-2014-2031 CVE-2014-2032 maradns: DoS due to incorrect bounds checking on certain strings
Summary: CVE-2014-2031 CVE-2014-2032 maradns: DoS due to incorrect bounds checking on ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-2031, CVE-2014-2032
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1066611 1066612
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-02-18 17:27 UTC by Martin Prpič
Modified: 2019-09-29 13:13 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-02-18 21:19:22 UTC
Embargoed:


Attachments (Terms of Use)

Description Martin Prpič 2014-02-18 17:27:51 UTC
It was reported [1],[2] that MaraDNS's recursive resolver, Deadwood,
suffers from a flaw where string bounds checking was not done correctly
under certain circumstances. As a result, it was possible for a remote
attacker to send Deadwood a "packet of death", which would cause Deadwood
to crash. Upstream notes that it currently appears that this attack can
only be exploited by an IP address with a permission to perform recursive
queries against Deadwood.

It looks like these are the appropriate patches in git:

https://github.com/samboy/MaraDNS/commit/f015495d221f1c2b2f10db38e87cecf3839d6093
https://github.com/samboy/MaraDNS/commit/2cfcd2397cb8168d4aa4594839fabe88420d03c3

[1] http://samiam.org/blog/2014-02-12.html
[2] http://secunia.com/advisories/57033/

Comment 1 Martin Prpič 2014-02-18 17:30:48 UTC
Created maradns tracking bugs for this issue:

Affects: fedora-all [bug 1066611]
Affects: epel-5 [bug 1066612]

Comment 2 Tomasz Torcz 2014-02-18 18:33:52 UTC
F20 update went stable few days ago. Please check facts before opening such bugs.
F19 update waits for testers. 
I don't care about EPEL.

Comment 3 Vincent Danen 2014-02-18 21:14:43 UTC
(In reply to Tomasz Torcz from comment #2)
> F20 update went stable few days ago. Please check facts before opening such
> bugs.
> F19 update waits for testers. 
> I don't care about EPEL.

Please don't close SRT bugs.  This bug was not assigned to you, so please don't close it.

We don't care whether you care about EPEL.  The maintainer should care about it.  If you're the maintainer of the EPEL version, then I'd suggest we have a problem and maybe someone who _does_ care should take care of it (since it is shipped and, presumably, supported in EPEL5).

Comment 4 Vincent Danen 2014-02-18 21:19:22 UTC
Also, instead of making some rude comments, you could have pointed to the fixed packages:

https://admin.fedoraproject.org/updates/FEDORA-2014-2421 (maradns-2.0.09-1.fc20)
https://admin.fedoraproject.org/updates/FEDORA-2014-2439 (maradns-2.0.09-1.fc19, but this one is currently in testing, not stable)

Comment 5 Tomas Hoger 2014-02-19 07:45:37 UTC
(In reply to Vincent Danen from comment #3)
> We don't care whether you care about EPEL.  The maintainer should care about
> it.  If you're the maintainer of the EPEL version, then I'd suggest we have
> a problem and maybe someone who _does_ care should take care of it (since it
> is shipped and, presumably, supported in EPEL5).

Or have it removed if it's unmaintained:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life#EPEL


Note You need to log in before you can comment on or make changes to this bug.