1190294 – (CVE-2012-6687) CVE-2012-6687 fcgi: numerous connections cause segfault DoS

Bug 1190294 (CVE-2012-6687) - CVE-2012-6687 fcgi: numerous connections cause segfault DoS

Summary: CVE-2012-6687 fcgi: numerous connections cause segfault DoS

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2012-6687
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1189958 1190212
Blocks:	1190295
TreeView+	depends on / blocked

Reported:	2015-02-06 22:19 UTC by Kurt Seifried
Modified:	2019-09-29 13:27 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-08-25 05:55:47 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Debian BTS	933417	0	None	None	None	Never
Launchpad	933417	0	None	None	None	Never

Description Kurt Seifried 2015-02-06 22:19:48 UTC

FCGI does not perform range checks for file descriptors before use of the FD_SET macro.  This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state.

This may allow remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening many socket connections to the host and crashing the service.

External references:
https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591

Upstream patches:

At this time the fcgi mailing list is down, this seems to be the patch that is chosen:

https://launchpadlibrarian.net/93064712/poll.patch

Comment 1 Ken Dreyer (Red Hat) 2015-02-06 22:31:22 UTC

link to CVE request: http://www.openwall.com/lists/oss-security/2015/02/06/4 (thanks Till for making the request)

Note You need to log in before you can comment on or make changes to this bug.