Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2523 to the following vulnerability:

Name: CVE-2010-2523
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2523
Assigned: 20100630
Reference: MLIST:[oss-security] 20100706 patch for remote buffer overflows and local message spoofing in mipv6 daemon
Reference: URL: http://www.openwall.com/lists/oss-security/2010/07/06/5
Reference: MLIST:[oss-security] 20100707 Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon
Reference: URL: http://www.openwall.com/lists/oss-security/2010/07/07/4
Reference: MLIST:[oss-security] 20100707 Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon
Reference: URL: http://marc.info/?l=oss-security&m=127850299910685&w=2
Reference: MLIST:[oss-security] 20100708 Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon
Reference: URL: http://www.openwall.com/lists/oss-security/2010/07/09/1
Reference: MLIST:[oss-security] 20100708 Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon
Reference: URL: http://marc.info/?l=oss-security&m=127859390815405&w=2
Reference: BID:41522
Reference: URL: http://www.securityfocus.com/bid/41522

Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.

The patch supplied by Sebastian Krahmer is here:
http://www.openwall.com/lists/oss-security/2010/07/06/5

Alternative patches on umip.org are here:
http://www.umip.org/gitweb?p=umip.git;a=commitdiff;h=0e67a61ffd37cc4e3dfa8add137a5d6cd8963a8e
http://www.umip.org/gitweb?p=umip.git;a=commitdiff;h=3fd3941434a0ee567f874e56c53a5d0855c945e3

Either patch should address both this issue and CVE-2010-2522.
Created mipv6-daemon tracking bugs for this issue

Affects: fedora-all [bug 614239]
This is fixed in all current Fedora versions. RHEL-6 packages were patched before GA.

Statement:

The mipv6-daemon packages in Red Hat Enterprise Linux 6 are not vulnerable to this issue, as they contain a backported patch correcting this flaw.
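An added example, not UMIP's code and not either of the patches referenced above: the kind of length validation that keeps crafted ND_OPT_PREFIX_INFORMATION and ND_OPT_HOME_AGENT_INFO options away from fixed-size copies. It walks the option area as RFC 4861 defines it (length field in units of 8 octets, zero invalid) and requires the two option types to have exactly their specified sizes; the function, struct and status names are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Option type values from RFC 4861 / RFC 6275 (same as <netinet/icmp6.h>). */
#define OPT_PREFIX_INFORMATION 3   /* fixed size: 4 units = 32 bytes */
#define OPT_HOME_AGENT_INFO    8   /* fixed size: 1 unit  =  8 bytes */

enum ndv_status { NDV_OK = 0, NDV_TRUNCATED = -1, NDV_ZERO_LEN = -2, NDV_BAD_SIZE = -3 };

struct nd_opts {                   /* hypothetical result struct */
    const uint8_t *prefix_info;    /* first validated 32-byte option, or NULL */
    const uint8_t *ha_info;        /* first validated 8-byte option, or NULL */
};

/* Validate every option in buf[0..len) before any caller copies from it. */
int nd_validate_options(const uint8_t *buf, size_t len, struct nd_opts *out)
{
    size_t off = 0;
    out->prefix_info = out->ha_info = NULL;
    while (off < len) {
        if (len - off < 2) return NDV_TRUNCATED;      /* no room for type+len */
        size_t optlen = (size_t)buf[off + 1] * 8;     /* length is in 8-octet units */
        if (optlen == 0) return NDV_ZERO_LEN;         /* would loop forever */
        if (optlen > len - off) return NDV_TRUNCATED; /* claims more than received */
        if (buf[off] == OPT_PREFIX_INFORMATION) {
            if (optlen != 32) return NDV_BAD_SIZE;
            if (!out->prefix_info) out->prefix_info = buf + off;
        } else if (buf[off] == OPT_HOME_AGENT_INFO) {
            if (optlen != 8) return NDV_BAD_SIZE;
            if (!out->ha_info) out->ha_info = buf + off;
        }                                             /* other types are skipped */
        off += optlen;
    }
    return NDV_OK;
}

/* Constructed sample: well-formed Home Agent Information option. */
static const uint8_t sample_ok[8] = { 8, 1, 0, 0, 0, 0, 0x07, 0x08 };
/* Constructed sample: Prefix Information claiming 1 unit instead of 4. */
static const uint8_t sample_short_pi[8] = { 3, 1, 64, 0xc0, 0, 0, 0, 0 };

int main(void)
{
    struct nd_opts o;
    printf("ok sample: %d\n", nd_validate_options(sample_ok, sizeof sample_ok, &o));
    printf("short PI:  %d\n", nd_validate_options(sample_short_pi, sizeof sample_short_pi, &o));
    return 0;
}
```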