Summary: | net-misc/minidlna: remote DoS and memory corruption
---|---
Product: | Gentoo Security
Component: | Vulnerabilities
Reporter: | Neil Kettle <neil.kettle>
Assignee: | Gentoo Security <security>
Status: | CONFIRMED ---
Severity: | minor
CC: | mgorny, sam
Priority: | Normal
Version: | unspecified
Hardware: | All
OS: | Linux
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=834642
Whiteboard: | B3 [upstream]
Runtime testing required: | ---

Description
Neil Kettle
2020-08-07 08:09:07 UTC
Have you reported this issue upstream? (https://sourceforge.net/projects/minidlna/)

Disclosing new vulnerabilities is preferred via email and/or a private bug. But we are not the maintainers of minidlna. While we can help, it'd be best to at least report the issue upstream and we can work with you & them here.

Can you do that (privately, if possible) and keep us informed? We can then act within Gentoo if you receive no response.

Upstream fixed the issues in version 1.3.0.

(In reply to Neil Kettle from comment #2)
> Upstream fixed the issues in version 1.3.0.

Can you point out specifically what the fixes were?

Simply put, the author added validation checks on the values to correct negative values as well as integer overflow.

However, having said that, further issues are still present in the current build.
https://www.rootshellsecurity.net/rootshell-discover-second-remotely-exploitable-bug-minidlna-software/

(In reply to Neil Kettle from comment #4)
> Simply put, the author added validation checks on the values to correct
> negative values as well as integer overflow.
>
> However, having said that, further issues are still present in the current
> build.
> https://www.rootshellsecurity.net/rootshell-discover-second-remotely-exploitable-bug-minidlna-software/

Did you request a CVE for any of these issues? Or report to upstream's bug tracker?

Ah, sorry, these are CVE-2020-28926 and CVE-2021-27202.

*** This bug has been marked as a duplicate of bug 757297 ***

CVE-2021-27202 is still unfixed. Sorry for the mess.

Still apparently waiting on a public upstream report.