Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 659558 (CVE-2018-12938)

Summary: net-libs/openslp: Denial of Service and Remote Code Execution vulnerability (CVE-2018-12938)
Product: Gentoo Security Reporter: Florian Schuhmacher <mynt1aa>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal CC: printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://dumpco.re/blog/openslp-2.0.0-double-free
Whiteboard:
Package list:
Runtime testing required: ---

Description Florian Schuhmacher 2018-06-29 03:03:35 UTC 
slpd_process.c in OpenSLP 2.0.0 has a double free resulting in denial of service (daemon crash) or possibly unauthenticated remote code execution. 

Gentoo Security Scout
Florian Schuhmacher
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2019-04-27 00:05:38 UTC 
CVE was issued for the same bug twice / pleas use CVE-2017-17833

*** This bug has been marked as a duplicate of bug 662878 ***