Bug 443962 - (CVE-2008-1673) CVE-2008-1673 kernel: possible buffer overflow in ASN.1 parsing routines
CVE-2008-1673 kernel: possible buffer overflow in ASN.1 parsing routines
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
Martin Jenner
impact=low,source=upstream,reported=2...
: Security
Depends On: 444461 444462 444463 444464 444465 444470 444471 444472
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-24 08:38 EDT by Jeff Layton
Modified: 2014-06-18 03:37 EDT (History)
15 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
This issue did not have a security consequence for the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and 5, and as such, was treated as a bug fix. This issue could result in arbitrary code execution if the SLOB or SLUB memory allocators were used (introduced in Linux kernel versions 2.6.16 and 2.6.22 respectively). Red Hat Enterprise Linux and Red Hat Enterprise MRG use the SLAB memory allocator, which, in this case, cannot be exploited to allow arbitrary code execution. Red Hat Enterprise Linux 2 and Red Hat Enterprise MRG were not affected.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-12-23 11:55:06 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 9 Tomas Hoger 2008-06-09 03:09:53 EDT
Wei Wang of McAfee Avert Labs discovered a security problem in kernel's ASN.1
decoder affecting CIFS and ip_nat_snmp_basic modules:

Due to an error in two linux kernel modules, cifs filesytem and
ip_nat_snmp_basic in the ASN.1 decoder when handling length BER
encodings, This flaw can be remotely exploited by remote attackers to
cause a vulnerable system to hang or even to execute arbitrary code in
kernel mode.

Since cifs and ip_nat_snmp_basic kernel module are using the same ASN1.1
decoder which was derived from the gxsnmp package . So, gxsnmp is also
vulnerable.
Comment 15 Fedora Update System 2008-06-20 15:04:51 EDT
kernel-2.6.25.6-27.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 21 Eugene Teo (Security Response) 2009-04-15 03:33:48 EDT
This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2, 3, 4, 5 or Red Hat Enterprise MRG.

The bug existed on Red Hat Enterprise Linux 3, 4, and 5. However, this is only a security issue if the SLOB or SLUB memory allocators were used (introduced in Linux kernel versions 2.6.16 and 2.6.22, respectively). All Red Hat Enterprise Linux and Red Hat Enterprise MRG kernels use the SLAB memory allocator, which in this case, cannot be exploited to allow arbitrary code execution. As a preventive measure, the underlying bug was addressed in Red Hat Enterprise Linux 3, 4, and 5, via the advisories RHSA-2008:0973, RHSA-2008:0508, and RHSA-2008:0519, respectively.

Updated: Sept 8th, 2009.

Note You need to log in before you can comment on or make changes to this bug.