Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 355583 (CVE-2011-1002) - <net-dns/avahi-0.6.28-r1: Null UDP Packet DoS (CVE-2011-1002)
Summary: <net-dns/avahi-0.6.28-r1: Null UDP Packet DoS (CVE-2011-1002)
Status: RESOLVED FIXED
Alias: CVE-2011-1002
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://avahi.org/ticket/325
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks: CVE-2010-2244
  Show dependency tree
 
Reported: 2011-02-19 16:20 UTC by Tim Sammut (RETIRED)
Modified: 2011-10-22 16:32 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2011-02-19 16:20:27 UTC
From $URL:

A null UDP packet sent to avahi on port 5353 causes an infinite loop, 100% cpu, DOS. The patch for RBz Bug 607297 is what is causing this. I have posted a description to their Bz: http://bugzilla.redhat.com/show_bug.cgi?id=667187

Changed 18 hours ago by lennart

    * status changed from new to closed
    * resolution set to fixed

Fixed in git.
Changed 18 hours ago by lennart

    * milestone set to Avahi 0.6.29
Comment 1 Sven Wegener gentoo-dev 2011-02-27 01:25:13 UTC
I've commited avahi-0.6.28-r1, containing the fix from avahi git.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-02-27 11:04:29 UTC
Sven, don't close security bugs please. We also need to stabilize the newer version. Any objections?
Comment 3 Sven Wegener gentoo-dev 2011-02-27 12:17:24 UTC
Sorry, I've jut closed it out of habbit. 0.6.28 is ready to go stable.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-02-27 17:14:01 UTC
Arches, please test and mark stable:
=net-dns/avahi-0.6.28-r1
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 5 Agostino Sarubbo gentoo-dev 2011-02-27 17:26:38 UTC
pulled in: dev-libs/libdaemon-0.14-r1

@eva
any objection or prefer that we open a separate bug?
Comment 6 Agostino Sarubbo gentoo-dev 2011-02-28 13:02:19 UTC
from irc:
[14:00:06] <EvaSDK> ago: no objection, it should probably have gone stable long ago already :)

arches, please stable also =dev-libs/libdaemon-0.14-r1


amd64 ok
Comment 7 Andreas Schürch gentoo-dev 2011-02-28 14:41:07 UTC
I tested on x86 =net-dns/avahi-0.6.28-r1 as well as =dev-libs/libdaemon-0.14-r1.
Both look good to go here.
Comment 8 Markos Chandras (RETIRED) gentoo-dev 2011-02-28 18:44:56 UTC
amd64 done
Comment 9 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-03-01 17:24:16 UTC
ppc/ppc64 stable
Comment 10 Thomas Kahle (RETIRED) gentoo-dev 2011-03-02 08:47:39 UTC
x86 done. Thanks Andreas.
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2011-03-04 15:46:56 UTC
Stable for HPPA.
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2011-03-05 12:17:08 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 13 Tim Sammut (RETIRED) gentoo-dev 2011-03-05 21:14:23 UTC
Thanks, everyone.

GLSA Vote: Yes.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 20:03:25 UTC
CVE-2011-1002 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1002):
  avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote
  attackers to cause a denial of service (infinite loop) via an empty mDNS (1)
  IPv4 or (2) IPv6 UDP packet to port 5353.  NOTE: this vulnerability exists
  because of an incorrect fix for CVE-2010-2244.
Comment 15 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-08 22:46:33 UTC
Vote: YES. New GLSA request filed.
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2011-10-22 16:32:32 UTC
This issue was resolved and addressed in
 GLSA 201110-17 at http://security.gentoo.org/glsa/glsa-201110-17.xml
by GLSA coordinator Tobias Heinlein (keytoaster).