Summary: | <net-dialup/ppp-2.4.8: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | alarig, base-system, filip.ambroz, luke, phmagic, pinkbyte, polynomial-c |
Priority: | High | Keywords: | STABLEREQ |
Version: | unspecified | Flags: | stable-bot:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: |
net-misc/netifrc-0.7.1
net-dialup/ppp-2.4.8
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2020-02-20 16:19:55 UTC
*** Bug 708192 has been marked as a duplicate of this bug. *** Note that -D_FORTIFY_SOURCE=2 should caught that. Upgrading to B1: Pre-auth, allowing code execution and pppd has setuid set allowing priv escalation. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=481553feb5f5711c7504ee8779b378b2034692a2 commit 481553feb5f5711c7504ee8779b378b2034692a2 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-02-26 15:31:03 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-02-26 15:37:06 +0000 net-dialup/ppp: Bump to version 2.4.8 with security backport for CVE-2020-8597 (0017-pppd-Fix-bounds-check-in-EAP-code.patch) Bug: https://bugs.gentoo.org/710308 Closes: https://bugs.gentoo.org/704680 Package-Manager: Portage-2.3.89, Repoman-2.3.20 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-dialup/ppp/Manifest | 2 + net-dialup/ppp/ppp-2.4.8.ebuild | 232 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 234 insertions(+) Arches, please test and mark stable =net-misc/netifrc-0.7.1 =net-dialup/ppp-2.4.8 Target keywords: amd64 arm arm64 hppa ia64 ppc ppc64 sparc x86 amd64/x86 stable sparc stable arm stable ppc stable ppc64 stable ia64 stable New GLSA request filed. This issue was resolved and addressed in GLSA 202003-19 at https://security.gentoo.org/glsa/202003-19 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for remaining architectures. hppa stable arm64 stable @maintainer(s), please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d97a6cdaa517c0c7c2a5658100bc99ea2dc7188c commit d97a6cdaa517c0c7c2a5658100bc99ea2dc7188c Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-04-02 07:18:30 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-04-02 07:18:30 +0000 net-dialup/ppp: Security cleanup Bug: https://bugs.gentoo.org/710308 Package-Manager: Portage-2.3.96, Repoman-2.3.22 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-dialup/ppp/Manifest | 2 - net-dialup/ppp/ppp-2.4.7-r7.ebuild | 230 ------------------------------------- 2 files changed, 232 deletions(-) Tree clean, glsa done, closing. Thanks everyone. |