Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 579318 (CVE-2015-6360)

Summary: <net-libs/libsrtp-1.6.0: improper handling of CSRC count and extension header length in RTP header
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: chainsaw, chromium
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1323702
Whiteboard: B3 [noglsa cve]
Package list:
net-libs/libsrtp-1.6.0
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 635900    

Description Agostino Sarubbo gentoo-dev 2016-04-08 09:39:03 UTC
From ${URL} :

Randell Jesup and the Firefox team discovered that srtp, Cisco's
reference implementation of the Secure Real-time Transport Protocol
(SRTP), does not properly handle RTP header CSRC count and extension
header length. A remote attacker can exploit this vulnerability to crash
an application linked against libsrtp, resulting in a denial of service.

References:

http://seclists.org/bugtraq/2016/Apr/11


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Thomas Deutschmann gentoo-dev Security 2016-11-21 17:06:14 UTC
@ Maintainer(s): Upstream has released v1.5.3 which contains the fixes. However I recommend to bump the package to v1.5.4 which includes further improvements.
Comment 2 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-01 07:27:17 UTC
ia64 stable
Comment 3 Manuel Rüger (RETIRED) gentoo-dev 2017-11-02 10:46:50 UTC
Stable on amd64
Comment 4 Thomas Deutschmann gentoo-dev Security 2017-11-05 21:29:16 UTC
x86 stable
Comment 5 Tobias Klausmann gentoo-dev 2017-11-08 12:52:42 UTC
Stable on alpha.
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-12 10:27:48 UTC
ppc64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-12 10:41:06 UTC
ppc stable
Comment 8 D'juan McDonald (domhnall) 2018-01-05 03:35:56 UTC
All arches stabilized! maintainter(s), please cleanup. @Security, please add bugID to CVETool. 



Gentoo Security Padawan
(Jmbailey/mbailey_j)
Comment 9 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-03-15 21:54:35 UTC
GLSA Vote: No

@Maintainers libsrtp 1.5.x still in tree, please clean vulnerable versions.

Thank you
Comment 10 Larry the Git Cow gentoo-dev 2018-04-23 14:35:25 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9d005030aa7bc9f8039b5512dac4d59177934c5c

commit 9d005030aa7bc9f8039b5512dac4d59177934c5c
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-04-23 02:24:00 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-04-23 14:35:10 +0000

    net-libs/libsrtp: drop vulnerable
    
    Bug: https://bugs.gentoo.org/579318
    Package-Manager: Portage-2.3.31, Repoman-2.3.9
    Closes: https://github.com/gentoo/gentoo/pull/8113

 net-libs/libsrtp/Manifest                          |  4 --
 net-libs/libsrtp/libsrtp-1.4.4-r1.ebuild           | 75 -------------------
 net-libs/libsrtp/libsrtp-1.4.4-r2.ebuild           | 74 -------------------
 net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild | 76 --------------------
 net-libs/libsrtp/libsrtp-1.4.4_p20121108.ebuild    | 73 -------------------
 net-libs/libsrtp/libsrtp-1.5.2-r1.ebuild           | 79 --------------------
 net-libs/libsrtp/libsrtp-1.5.2.ebuild              | 75 -------------------
 net-libs/libsrtp/libsrtp-1.5.4-r1.ebuild           | 83 ----------------------
 net-libs/libsrtp/libsrtp-1.5.4.ebuild              | 77 --------------------
 9 files changed, 616 deletions(-)}