Summary: | <net-dialup/ppp-2.4.7-r3: buffer overflow in radius plug-in's rc_mksid() (CVE-2015-3310) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, polynomial-c |
Priority: | Normal | Flags: | stable-bot: sanity-check+ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1211293 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | =net-dialup/ppp-2.4.7-r3 | ||
Runtime testing required: | --- |
Description
Agostino Sarubbo
CVE-2015-3310 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3310):

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

@ Maintainer(s): We are already carrying a bunch of patches. Can't we also include https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=17;filename=ppp_2.4.6-3.1-nmu.diff;att=1;bug=782450 to patch this vulnerability?

commit e99f5f5cdb87fb864e43b90922cbd2e3a675ae8a
Author: Lars Wendler <polynomial-c@gentoo.org>
Date: Tue Nov 22 14:47:53 2016

net-dialup/ppp: Security revbump to fix CVE-2015-3310 (bug #546554).

Package-Manager: portage-2.3.2

I wanna wait a bit with stabilization as I also added a new eap-tls patch which I first want to have settled a bit.

@ Arches, please test and mark stable: =net-dialup/ppp-2.4.7-r3

Stable on alpha.

amd64 stable

x86 stable

arm stable

sparc stable

ppc stable

Stable for HPPA.

ia64 stable

ppc64 stable. Maintainer(s), please cleanup.

commit 03fd847c2c05a0e7eaf361d0061358b0a0ce41bd
Author: Lars Wendler <polynomial-c@gentoo.org>
Date: Wed Jan 18 16:59:45 2017

net-dialup/ppp: Security cleanup (bug #546554).

Package-Manager: Portage-2.3.3, Repoman-2.3.1

GLSA request filed.

This issue was resolved and addressed in GLSA 201701-50 at https://security.gentoo.org/glsa/201701-50 by GLSA coordinator Aaron Bauman (b-man).