Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 715100 (CVE-2020-6095) - <media-libs/gst-rtsp-server-1.16.2: Denial of service via GstRTSPAuth (CVE-2020-6095)
Summary: <media-libs/gst-rtsp-server-1.16.2: Denial of service via GstRTSPAuth (CVE-20...
Status: CONFIRMED
Alias: CVE-2020-6095
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/GStreamer/gst-rtsp...
Whiteboard: B3 [cleanup glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-27 20:47 UTC by Sam James
Modified: 2020-09-13 23:40 UTC (History)
2 users (show)

See Also:
Package list:
media-libs/gst-rtsp-server-1.16.2
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James gentoo-dev Security 2020-03-27 20:47:29 UTC
Description:
"An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability."

Disclosure: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1018
Patch: https://github.com/GStreamer/gst-rtsp-server/commit/44ccca3086dd81081d72ca0b21d0ecdde962fb1a
Comment 1 John Helmert III (ajak) 2020-06-19 02:29:34 UTC
Maintainer(s): Ping.
Comment 2 Sam James gentoo-dev Security 2020-07-18 20:59:03 UTC
ping
Comment 3 Larry the Git Cow gentoo-dev 2020-08-29 10:00:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4fa29d9e36377f98e19c9a9eddead073781f18eb

commit 4fa29d9e36377f98e19c9a9eddead073781f18eb
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2020-08-29 09:58:35 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2020-08-29 09:59:46 +0000

    media-libs/gst-rtsp-server: bump to 1.16.2, fix CVE-2020-6095
    
    Includes 3 commits from origin/1.16, including fix for CVE-2020-6095.
    Tests fail due to new max-ttl work in 1.16, disable for now.
    1.18 will be meson-based and we'll retry with tests naturally then.
    
    Bug: https://bugs.gentoo.org/715100
    Package-Manager: Portage-2.3.103, Repoman-2.3.20
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 media-libs/gst-rtsp-server/Manifest                |  1 +
 .../files/1.16.2-CVE-2020-6095.patch               | 39 +++++++++++
 .../files/1.16.2-glib-deprecation-fix.patch        | 59 +++++++++++++++++
 .../gst-rtsp-server/files/1.16.2-leak-fix.patch    | 25 ++++++++
 .../gst-rtsp-server/gst-rtsp-server-1.16.2.ebuild  | 75 ++++++++++++++++++++++
 5 files changed, 199 insertions(+)
Comment 4 Thomas Deutschmann gentoo-dev Security 2020-08-29 17:57:54 UTC
x86 stable
Comment 5 Sam James gentoo-dev Security 2020-08-30 23:44:24 UTC
amd64 done

all arches done
Comment 6 Sam James gentoo-dev Security 2020-08-30 23:44:49 UTC
Please cleanup.
Comment 7 Thomas Deutschmann gentoo-dev Security 2020-09-13 22:26:10 UTC
New GLSA request filed.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2020-09-13 23:40:03 UTC
This issue was resolved and addressed in
 GLSA 202009-05 at https://security.gentoo.org/glsa/202009-05
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 9 Thomas Deutschmann gentoo-dev Security 2020-09-13 23:40:27 UTC
Re-opening for cleanup.