Bug 773744 (CVE-2012-0031) - CVE-2012-0031 httpd: possible crash on shutdown due to flaw in scoreboard handling
Summary: CVE-2012-0031 httpd: possible crash on shutdown due to flaw in scoreboard han...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2012-0031
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 746695 746696 746697 785070 787596 787597 787598 787599
Blocks: 781212
TreeView+ depends on / blocked
 
Reported: 2012-01-12 18:49 UTC by Vincent Danen
Modified: 2021-02-24 13:27 UTC (History)
6 users (show)

Fixed In Version: httpd 2.2.22
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-05-07 19:33:07 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0128 0 normal SHIPPED_LIVE Moderate: httpd security update 2012-02-14 01:33:00 UTC
Red Hat Product Errata RHSA-2012:0323 0 normal SHIPPED_LIVE Moderate: httpd security update 2012-02-22 02:57:25 UTC
Red Hat Product Errata RHSA-2012:0542 0 normal SHIPPED_LIVE Moderate: httpd security and bug fix update 2012-05-07 22:22:44 UTC
Red Hat Product Errata RHSA-2012:0543 0 normal SHIPPED_LIVE Moderate: httpd security and bug fix update 2012-05-07 22:22:11 UTC

Description Vincent Danen 2012-01-12 18:49:39 UTC 
Apache 2.2 fixed a possible crash on shutdown if a child changes the sb_type field in the scoreboard.  Since unprivileged children should not be able to affect the parent in this way, this is treated as a Low severity security issue [1].

The reporter has a nice writeup of the flaw as well [2].

[1] http://svn.apache.org/viewvc?view=revision&revision=1230065
[2] http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
Comment 2 Joe Orton 2012-02-06 12:54:44 UTC 
2.2.x fix: http://svn.apache.org/viewvc?rev=1231058&view=rev
Comment 4 errata-xmlrpc 2012-02-13 20:34:29 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0128 https://rhn.redhat.com/errata/RHSA-2012-0128.html
Comment 5 errata-xmlrpc 2012-02-21 21:58:17 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2012:0323 https://rhn.redhat.com/errata/RHSA-2012-0323.html
Comment 6 errata-xmlrpc 2012-05-07 18:51:08 UTC 
This issue has been addressed in following products:

  JBoss Enterprise Web Server 1.0.2

Via RHSA-2012:0543 https://rhn.redhat.com/errata/RHSA-2012-0543.html
Comment 7 errata-xmlrpc 2012-05-07 19:17:32 UTC 
This issue has been addressed in following products:

  JBEWS 1.0 for RHEL 5
  JBEWS 1.0 for RHEL 6

Via RHSA-2012:0542 https://rhn.redhat.com/errata/RHSA-2012-0542.html
Comment 8 Vincent Danen 2014-11-04 20:52:51 UTC 
Statement:

(none)
Note You need to log in before you can comment on or make changes to this bug.