1173605 – libhtp: denial of service with specific packets

Bug 1173605 - libhtp: denial of service with specific packets

Summary: libhtp: denial of service with specific packets

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (3):	1180487 1180488 1180489 (view as bug list)
Depends On:	1173607 1173608 1173610
Blocks:	1180487
TreeView+	depends on / blocked

Reported:	2014-12-12 14:00 UTC by Vasyl Kaigorodov
Modified:	2019-09-29 13:25 UTC (History)
CC List:	4 users (show)
Fixed In Version:	libhtp 0.5.16
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-09-17 23:08:04 UTC
Embargoed:

Attachments	(Terms of Use)

Description Vasyl Kaigorodov 2014-12-12 14:00:48 UTC

It was reported [1] that libhtp handling of streams in error state could lead to NULL pointer dereference, leading to caller crash.
Suricata (Intrusion Detection System) embeds libhtp, and is one of the affected components [2].

[1]: https://github.com/OISF/libhtp/pull/82
[2]: https://redmine.openinfosecfoundation.org/issues/1272

Comment 1 Vasyl Kaigorodov 2014-12-12 14:04:30 UTC

Created suricata tracking bugs for this issue:

Affects: fedora-all [bug 1173607]

Comment 2 Vasyl Kaigorodov 2014-12-12 14:04:32 UTC

Created libhtp tracking bugs for this issue:

Affects: fedora-all [bug 1173608]
Affects: epel-6 [bug 1173610]

Comment 3 Mathieu Bridon 2014-12-12 14:11:49 UTC

Given that this is fixed in 0.5.16, I guess I can just push an update for it in Rawhide and F21.

However, we need to check whether there were API/ABI breaks between 0.5.15 and 0.5.16, and if there were, maybe we should just backport the patch for F20 et EPEL6?

In any case, I'll look at upgrading F21+ right away.

Comment 4 Mathieu Bridon 2015-01-01 16:13:10 UTC

Updates have been submitted almost 3 weeks ago.

Can I get an ACK from the security team, that they do fix the reported vulnerability?

Comment 5 Vasyl Kaigorodov 2015-01-09 16:49:12 UTC

*** Bug 1180487 has been marked as a duplicate of this bug. ***

Comment 6 Fedora Update System 2015-01-19 01:34:19 UTC

libhtp-0.5.16-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2015-01-19 01:35:43 UTC

libhtp-0.5.6-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2015-01-24 18:47:28 UTC

libhtp-0.5.16-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2015-01-28 19:53:34 UTC

suricata-2.0.6-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Mathieu Bridon 2015-02-27 03:13:38 UTC

*** Bug 1180488 has been marked as a duplicate of this bug. ***

Comment 11 Mathieu Bridon 2015-02-27 03:14:06 UTC

*** Bug 1180489 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.