Bug 1343364 (CVE-2016-5301) - CVE-2016-5301 libtorrent: Crash while parsing invalid chunked HTTP or UPnP response
Summary: CVE-2016-5301 libtorrent: Crash while parsing invalid chunked HTTP or UPnP re...
Status: CLOSED NOTABUG
Alias: CVE-2016-5301
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20160604,repor...
Keywords: Security
Depends On: 1343365 1343366
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-07 08:31 UTC by Andrej Nemec
Modified: 2019-06-08 21:14 UTC (History)
6 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2016-08-10 20:43:48 UTC


Attachments (Terms of Use)

Description Andrej Nemec 2016-06-07 08:31:01 UTC
A vulnerability was found in libtorrent. A specially crafted HTTP response from a tracker (or potentially a UPnP broadcast) can crash libtorrent in the parse_chunk_header() function.


Upstream bug:

https://github.com/arvidn/libtorrent/issues/780

Upstream fix:

https://github.com/arvidn/libtorrent/pull/782

Comment 1 Andrej Nemec 2016-06-07 08:31:44 UTC
Created libtorrent tracking bugs for this issue:

Affects: fedora-all [bug 1343365]
Affects: epel-all [bug 1343366]

Comment 2 Denis Fateyev 2016-08-10 20:43:48 UTC
This bug relates to a different project [1,2] which is also known as "Rasterbar Libtorrent". That project has nothing to do with Libtorrent by Rakshasa [3] which is provided by "libtorrent" package. The projects name similarity can be confusing indeed.

[1] https://github.com/arvidn/libtorrent

[2] http://libtorrent.org/

[3] https://github.com/rakshasa/libtorrent/


Note You need to log in before you can comment on or make changes to this bug.