Bug 372021 - (CVE-2008-1227) CVE-2008-1227 Logging into silc account crashes pidgin
CVE-2008-1227 Logging into silc account crashes pidgin
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: libsilc (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Stu Tomlinson
Fedora Extras Quality Assurance
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-11-08 20:51 EST by Nathan G. Grennan
Modified: 2008-08-02 19:40 EDT (History)
4 users (show)

See Also:
Fixed In Version: 1.0.2-5.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-28 16:35:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Backtrace with debuginfo (30.28 KB, text/plain)
2008-01-06 10:07 EST, luca villa
no flags Details

  None (edit)
Description Nathan G. Grennan 2007-11-08 20:51:23 EST
Description of problem:
pidgin crashes on login to a silc account. I tried setting it up fresh, and from
old setup. Both caused the crash.

Version-Release number of selected component (if applicable):
pidgin-2.2.2-1.fc8.x86_64

How reproducible:
Everytime

Steps to Reproduce:
1. Install pidgin
2. Run pidgin
3. Setup silc account
  
Actual results:
Crash

Expected results:
Runs normally

Additional info:
If run from a terminal window it mentions a buffer overflow.
Comment 1 luca villa 2007-11-26 16:40:18 EST
I can confirm this odd behavior that happens just with silc accounts.
A workaround for this problem is to downgrade to libsilc-1.0.2-2.fc6, the one
installed by default under fedora 7. 
This suggest to me that the problem could be in libsilc itself but I didn't
investigate deeper.
Comment 2 Stu Tomlinson 2008-01-03 22:04:16 EST
I think we'll need a backtrace with both pidgin-debuginfo and libsilc-debuginfo
installed to be able to get anywhere with this.
Comment 3 luca villa 2008-01-06 10:07:58 EST
Created attachment 290915 [details]
Backtrace with debuginfo
Comment 4 Stu Tomlinson 2008-01-06 13:13:35 EST
This appears to be a libsilc problem, could you please try this libsilc package
to see if the crash is fixed, and if you are now able to log in to silc?
http://koji.fedoraproject.org/scratch/nosnilmot/task_328484/
Comment 5 luca villa 2008-01-06 16:56:19 EST
This seems to solve the problem for me. Now I can log in to silc without
crashing pidgin anymore.
Comment 6 Fedora Update System 2008-01-26 10:42:54 EST
libsilc-1.0.2-5.fc7 has been submitted as an update for Fedora 7
Comment 7 Fedora Update System 2008-01-26 10:42:57 EST
libsilc-1.0.2-5.fc8 has been submitted as an update for Fedora 8
Comment 8 Fedora Update System 2008-01-27 02:14:10 EST
libsilc-1.0.2-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update libsilc'.  You can provide feedback for this update here: http://admin.fedoraproject.org/F8/FEDORA-2008-1041
Comment 9 Fedora Update System 2008-02-28 16:35:52 EST
libsilc-1.0.2-5.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2008-02-28 16:46:11 EST
libsilc-1.0.2-5.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Lubomir Kundrak 2008-03-11 17:01:54 EDT
I'm not convinced the contents of the buffer are in attacker's control; did
anyone conduct some investigation?
Comment 12 Stu Tomlinson 2008-03-20 12:41:16 EDT
(In reply to comment #11)
> I'm not convinced the contents of the buffer are in attacker's control; did
> anyone conduct some investigation?

I asked this of upstream and the reply was:
> I'm not sure but I think this wasn't so serious.  I never got it crash myself.

Note You need to log in before you can comment on or make changes to this bug.