[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: avahi DoS
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-06-25 16:49:29
Message-ID: 1313128021.1201161277484569732.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
Please use CVE-2010-2244
Thanks.
--
JB
----- "Ludwig Nussel" <ludwig.nussel@suse.de> wrote:
> Hi,
>
> avahi crashes if it receives a bad packet (broken checksum)
> immediately followed by a good packet. In that case FIONREAD returns
> zero size for the bad packet. avahi doesn't consider that an error
> and calls recvmsg() which succeeds and returns the good packet which
> has a non-zero length of course. This discrepancy causes an assert()
> to fail and avahi terminates.
>
> The problem was acknowledged by upstream (Lennart) but no fix
> was commited so far. I've attached my patch proposal.
>
> cu
> Ludwig
>
> --
> (o_ Ludwig Nussel
> //\
> V_/_ http://www.suse.de/
> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic