This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
First Last Prev Next    This bug is not in your last search results.
Bug 131837 - nstat in iproute has a buffer overflow
nstat in iproute has a buffer overflow
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: iproute (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Radek Vokal
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-05 10:47 EDT by Steve Grubb
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-06 05:21:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:

Attachments (Terms of Use)
A patch that fixes the problem (1.39 KB, patch)
2004-09-05 10:48 EDT, Steve Grubb 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Steve Grubb 2004-09-05 10:47:09 EDT 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.4.2)
Gecko/20040308

Description of problem:
nstat has a buffer overflow that should be fixed. nstat reads an
environmental variable that's used to locate the /proc directory. If
this variable is inherited in the environment, an attacker could point
to a specially crafted proc entry to take advantage of the buffer
overflow.

I estimate this is low risk, but it must be taken care of.

Version-Release number of selected component (if applicable):
iproute-2.6.9-1

How reproducible:
Didn't try

Steps to Reproduce:
1. Found in a code review

Additional info:

I will attach a patch that addresses this. Its slightly modified
version from Openwall Linux. Please keep the name the same to show
proper attribution.
Comment 1 Steve Grubb 2004-09-05 10:48:34 EDT 
Created attachment 103485 [details]
A patch that fixes the problem
Comment 2 Radek Vokal 2004-09-06 05:21:19 EDT 
Thx for patch, iproute-2.6.9-2 built
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.