Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 637538 (CVE-2017-16820)

Summary: <app-admin/collectd-5.7.2-r1: double free in csnmp_read_table function in snmp.c (CVE-2017-16820)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: whissi
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/collectd/collectd/issues/2291
Whiteboard: B3 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on: 628540    
Bug Blocks:    

Description GLSAMaker/CVETool Bot gentoo-dev 2017-11-15 00:46:55 UTC 
CVE-2017-16820 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16820):
  The csnmp_read_table function in snmp.c in the SNMP plugin in collectd
  before 5.6.3 is susceptible to a double free in a certain error case, which
  could lead to a crash (or potentially have other impact).
Comment 1 Larry the Git Cow gentoo-dev 2018-01-25 22:34:46 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a70b58bd58ff19395c55abbf0a2e620a5a56f3a

commit 9a70b58bd58ff19395c55abbf0a2e620a5a56f3a
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-01-25 22:34:18 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-01-25 22:34:34 +0000

    app-admin/collectd: bump, fixes CVE-2017-16820 & #628540
    
    Ebuild changes:
    ===============
    - To address bug 628540, we no longer run collectd in
      daemon mode, instead we will run collectd everywhere
      in foreground and let the init system handle the PID
      file.
    
    - /run/collectd/ (default location for collectd's UNIX socket)
      is now maintained using tmpfiles service.
    
    Bug: https://bugs.gentoo.org/628540
    Bug: https://bugs.gentoo.org/637538
    Package-Manager: Portage-2.3.20, Repoman-2.3.6

 app-admin/collectd/collectd-5.7.2-r1.ebuild        | 541 +++++++++++++++++++++
 .../files/collectd-5.7.2-CVE-2017-16820.patch      |  39 ++
 app-admin/collectd/files/collectd.confd-r2         |  49 ++
 app-admin/collectd/files/collectd.initd-r2         |  70 +++
 app-admin/collectd/files/collectd.tmpfile          |   1 +
 5 files changed, 700 insertions(+)}
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2018-01-25 22:39:27 UTC 
Stabilization will happen in bug 628540.
Comment 3 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-03-19 01:28:52 UTC 
Added to existing GLSA.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2018-03-22 00:21:58 UTC 
This issue was resolved and addressed in
 GLSA 201803-10 at https://security.gentoo.org/glsa/201803-10
by GLSA coordinator Christopher Diaz Riveros (chrisadr).