Bug 372021 (CVE-2008-1227) - CVE-2008-1227 Logging into silc account crashes pidgin
Summary: CVE-2008-1227 Logging into silc account crashes pidgin
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2008-1227
Product: Fedora
Classification: Fedora
Component: libsilc
Version: 8
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Stu Tomlinson
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-11-09 01:51 UTC by Nathan G. Grennan
Modified: 2008-08-02 23:40 UTC (History)
4 users (show)

Fixed In Version: 1.0.2-5.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-02-28 21:35:54 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Backtrace with debuginfo (30.28 KB, text/plain)
2008-01-06 15:07 UTC, luca villa 		no flags Details
View All

Description Nathan G. Grennan 2007-11-09 01:51:23 UTC 
Description of problem:
pidgin crashes on login to a silc account. I tried setting it up fresh, and from
old setup. Both caused the crash.

Version-Release number of selected component (if applicable):
pidgin-2.2.2-1.fc8.x86_64

How reproducible:
Everytime

Steps to Reproduce:
1. Install pidgin
2. Run pidgin
3. Setup silc account
  
Actual results:
Crash

Expected results:
Runs normally

Additional info:
If run from a terminal window it mentions a buffer overflow.
Comment 1 luca villa 2007-11-26 21:40:18 UTC 
I can confirm this odd behavior that happens just with silc accounts.
A workaround for this problem is to downgrade to libsilc-1.0.2-2.fc6, the one
installed by default under fedora 7. 
This suggest to me that the problem could be in libsilc itself but I didn't
investigate deeper.
Comment 2 Stu Tomlinson 2008-01-04 03:04:16 UTC 
I think we'll need a backtrace with both pidgin-debuginfo and libsilc-debuginfo
installed to be able to get anywhere with this.
Comment 3 luca villa 2008-01-06 15:07:58 UTC 
Created attachment 290915 [details]
Backtrace with debuginfo
Comment 4 Stu Tomlinson 2008-01-06 18:13:35 UTC 
This appears to be a libsilc problem, could you please try this libsilc package
to see if the crash is fixed, and if you are now able to log in to silc?
http://koji.fedoraproject.org/scratch/nosnilmot/task_328484/
Comment 5 luca villa 2008-01-06 21:56:19 UTC 
This seems to solve the problem for me. Now I can log in to silc without
crashing pidgin anymore.
Comment 6 Fedora Update System 2008-01-26 15:42:54 UTC 
libsilc-1.0.2-5.fc7 has been submitted as an update for Fedora 7
Comment 7 Fedora Update System 2008-01-26 15:42:57 UTC 
libsilc-1.0.2-5.fc8 has been submitted as an update for Fedora 8
Comment 8 Fedora Update System 2008-01-27 07:14:10 UTC 
libsilc-1.0.2-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update libsilc'.  You can provide feedback for this update here: http://admin.fedoraproject.org/F8/FEDORA-2008-1041
Comment 9 Fedora Update System 2008-02-28 21:35:52 UTC 
libsilc-1.0.2-5.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2008-02-28 21:46:11 UTC 
libsilc-1.0.2-5.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Lubomir Kundrak 2008-03-11 21:01:54 UTC 
I'm not convinced the contents of the buffer are in attacker's control; did
anyone conduct some investigation?
Comment 12 Stu Tomlinson 2008-03-20 16:41:16 UTC 
(In reply to comment #11)
> I'm not convinced the contents of the buffer are in attacker's control; did
> anyone conduct some investigation?

I asked this of upstream and the reply was:
> I'm not sure but I think this wasn't so serious.  I never got it crash myself.
Note You need to log in before you can comment on or make changes to this bug.