Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 672228 (CVE-2018-19591) - <sys-libs/glibc-2.28-r4 - if_nametoindex may not close descriptor
Summary: <sys-libs/glibc-2.28-r4 - if_nametoindex may not close descriptor
Status: RESOLVED FIXED
Alias: CVE-2018-19591
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://sourceware.org/git/gitweb.cgi...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-11-29 11:46 UTC by Jeroen Roovers
Modified: 2019-08-15 15:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers gentoo-dev 2018-11-29 11:46:49 UTC
In sysdeps/unix/sysv/linux/if_index.c, __if_nametoindex() creates a socket descriptor but does not close it if the 'ifname' parameter is too long. This is a resource leak (CWE-404).

Additionally, it is possible to call getaddrinfo() with a crafted 'node' parameter, that leads to the offending code in __if_nametoindex().

In short, untrusted hostname resolutions (via getaddrinfo()) lead to descriptor exhaustion.

MITRE has assigned CVE-2018-19591 for this issue.

Attribution: Guido Vranken
Comment 1 Andreas K. Hüttel gentoo-dev 2019-05-01 18:50:11 UTC
All affected packages are masked. No cleanup (toolchain package).
Security please proceed.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2019-08-15 15:40:11 UTC
This issue was resolved and addressed in
 GLSA 201908-06 at https://security.gentoo.org/glsa/201908-06
by GLSA coordinator Aaron Bauman (b-man).