Bug 1173605 - libhtp: denial of service with specific packets
Summary: libhtp: denial of service with specific packets
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
: 1180487 1180488 1180489 (view as bug list)
Depends On: 1173607 1173608 1173610
Blocks: 1180487
TreeView+ depends on / blocked
 
Reported: 2014-12-12 14:00 UTC by Vasyl Kaigorodov
Modified: 2019-09-29 13:25 UTC (History)
4 users (show)

Fixed In Version: libhtp 0.5.16
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-09-17 23:08:04 UTC


Attachments (Terms of Use)

Description Vasyl Kaigorodov 2014-12-12 14:00:48 UTC
It was reported [1] that libhtp handling of streams in error state could lead to NULL pointer dereference, leading to caller crash.
Suricata (Intrusion Detection System) embeds libhtp, and is one of the affected components [2].

[1]: https://github.com/OISF/libhtp/pull/82
[2]: https://redmine.openinfosecfoundation.org/issues/1272

Comment 1 Vasyl Kaigorodov 2014-12-12 14:04:30 UTC
Created suricata tracking bugs for this issue:

Affects: fedora-all [bug 1173607]

Comment 2 Vasyl Kaigorodov 2014-12-12 14:04:32 UTC
Created libhtp tracking bugs for this issue:

Affects: fedora-all [bug 1173608]
Affects: epel-6 [bug 1173610]

Comment 3 Mathieu Bridon 2014-12-12 14:11:49 UTC
Given that this is fixed in 0.5.16, I guess I can just push an update for it in Rawhide and F21.

However, we need to check whether there were API/ABI breaks between 0.5.15 and 0.5.16, and if there were, maybe we should just backport the patch for F20 et EPEL6?

In any case, I'll look at upgrading F21+ right away.

Comment 4 Mathieu Bridon 2015-01-01 16:13:10 UTC
Updates have been submitted almost 3 weeks ago.

Can I get an ACK from the security team, that they do fix the reported vulnerability?

Comment 5 Vasyl Kaigorodov 2015-01-09 16:49:12 UTC
*** Bug 1180487 has been marked as a duplicate of this bug. ***

Comment 6 Fedora Update System 2015-01-19 01:34:19 UTC
libhtp-0.5.16-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2015-01-19 01:35:43 UTC
libhtp-0.5.6-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2015-01-24 18:47:28 UTC
libhtp-0.5.16-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2015-01-28 19:53:34 UTC
suricata-2.0.6-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Mathieu Bridon 2015-02-27 03:13:38 UTC
*** Bug 1180488 has been marked as a duplicate of this bug. ***

Comment 11 Mathieu Bridon 2015-02-27 03:14:06 UTC
*** Bug 1180489 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.