Bug 906834 (CVE-2013-0250) - corosync 2.x: Remote DoS due to improper HMAC initialization
Status: CLOSED ERRATA
Alias: CVE-2013-0250
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assignee: Red Hat Product Security
Reported: 2013-02-01 16:17 UTC by Jan Lieskovsky
Modified: 2021-02-17 08:07 UTC

Fixed In Version: Corosync 2.3.0
Doc Type: Bug Fix
Last Closed: 2013-02-02 12:52:49 UTC

Description Jan Lieskovsky 2013-02-01 16:17:43 UTC
A remote denial of service flaw was found in the way Corosync, the cluster engine and application programming interfaces, performed processing of network packets. Previously the HMAC key was not initialized properly, which allowed random targeted packets to be processed by the internal process of corosync, possibly leading to a daemon crash.

References:
[1] http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097833.html
[2] http://lwn.net/Vulnerabilities/535234/
[3] https://bugs.mageia.org/show_bug.cgi?id=8905

Relevant upstream patch (might not be complete set):
[4] https://github.com/corosync/corosync/commit/b3f456a8ceefac6e9f2e9acc2ea0c159d412b595

Comment 4 Fabio Massimo Di Nitto 2013-02-01 16:26:55 UTC
> Relevant upstream patch (might not be complete set):
> [4] https://github.com/corosync/corosync/commit/b3f456a8ceefac6e9f2e9acc2ea0c159d412b595


https://github.com/corosync/corosync/commit/55dc09ea237482f827333759fd45608bc9518d64

https://github.com/corosync/corosync/commit/ebb007a16c6a8d9e6f783ed82b324cb232c64be5

Complete set is 3 patches.

Comment 5 Jan Lieskovsky 2013-02-01 16:28:51 UTC
CVE Request:
  http://www.openwall.com/lists/oss-security/2013/02/01/1

Comment 7 Jan Lieskovsky 2013-02-01 16:33:03 UTC
This issue did NOT affect the version of the corosync package, as shipped with Red Hat Enterprise Linux 6.

Comment 8 Jan Lieskovsky 2013-02-01 16:37:12 UTC
Statement:

Not vulnerable. This issue did not affect the version of corosync as shipped with Red Hat Enterprise Linux 6.

Comment 11 Jan Lieskovsky 2013-02-02 12:52:49 UTC
The CVE identifier of CVE-2013-0250 has been assigned to this issue:
  http://www.openwall.com/lists/oss-security/2013/02/01/3
