Summary: | <net-libs/libsmi-0.4.8-r1: Remote Arbitrary Code Execution Vulnerability (CVE-2010-2891) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.coresecurity.com/content/libsmi-smigetnode-buffer-overflow | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Tim Sammut (RETIRED)
2010-10-22 07:00:26 UTC
Rating B2 (and not B1) as I don't believe we use this in any server-type packages. There's a patch here: http://www.coresecurity.com/content/libsmi-smigetnode-buffer-overflow Arch teams, please test and mark stable: =net-libs/libsmi-0.4.8-r1 Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" Oops, those aren't stable. It fails tests but it is not a regression over the current stable. amd64 done Stable for HPPA. Builds fine on x86. Rdeps build and run fine on x86. Please mark stable for x86. stable x86, thanks Myckel Stable on alpha. ppc64 done Stable for PPC. ia64/sparc stable Thanks, folks. GLSA request filed. CVE-2010-2891 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2891): Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters. This issue was resolved and addressed in GLSA 201312-10 at http://security.gentoo.org/glsa/glsa-201312-10.xml by GLSA coordinator Chris Reffett (creffett). |