Bug 46770 - net-snmp: Multiple issues (4.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
All Linux
P3 normal
UCS 4.2-3-errata
Assigned To: Philipp Hahn
Arvid Requate
Depends on:
Blocks:
Reported: 2018-04-04 16:57 CEST by Philipp Hahn
Modified: 2018-05-08 14:57 CEST (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)


Description Philipp Hahn univentionstaff 2018-04-04 16:57:31 CEST
New Debian net-snmp 5.7.2.1+dfsg-1+deb8u1+b1 fixes:
This update addresses the following issues:
* The snmp_pdu_parse function in net-snmp does not remove the varBind
  variable in a netsnmp_variable_list item when parsing of the SNMP PDU
  fails, which allows remote attackers to cause a denial of service (crash)
  and possibly execute arbitrary code via a crafted packet. (CVE-2015-5621)
* NET-SNMP contains a heap corruption vulnerability in the UDP protocol
  handler that can result in command execution. (CVE-2018-1000116)

CVE-2015-5621 net-snmp: snmp_pdu_parse() incompletely parsed varBinds left in list of variables
CVE-2018-1000116 net-snmp: Heap corruption in snmp_pdu_parse function in snmplib/snmp_api.c
Comment 1 Philipp Hahn univentionstaff 2018-04-04 17:04:56 CEST
[4.2-3] f04a8b3983 Bug #46770: net-snmp_5.7.2.1+dfsg-1+deb8u1+b1
Comment 2 Philipp Hahn univentionstaff 2018-04-04 17:06:01 CEST
Announce will fail as this is a BINNMU in Debian:
 [FAIL] changes.valid: Mismatching binary package version: 5.7.2.1+dfsg-1+deb8u1+b1 != tkmib 5.7.2.1+dfsg-1+deb8u1 from net-snmp 5.7.2.1+dfsg-1+deb8u1
Comment 3 Arvid Requate univentionstaff 2018-05-07 22:07:36 CEST
* No UCS specific patches
* Comparison to previously shipped version ok
* Binary package update Ok
* Advisory Ok
Comment 4 Philipp Hahn univentionstaff 2018-05-08 11:03:17 CEST
(In reply to Philipp Hahn from comment #2)
> Announce will fail as this is a BINNMU in Debian:
>  [FAIL] changes.valid: Mismatching binary package version:
> 5.7.2.1+dfsg-1+deb8u1+b1 != tkmib 5.7.2.1+dfsg-1+deb8u1 from net-snmp
> 5.7.2.1+dfsg-1+deb8u1

This was an error in the YAML file: I specified the binary package version containing the additional '+b1' binNMU suffix instead of the source package version.

[4.2-3] 3dffe676bb Bug #46770: net-snmp 5.7.2.1+dfsg-1+deb8u1
---
 doc/errata/staging/net-snmp.yaml | 2 +-
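The version mismatch in comment 2 and its explanation in comment 4 come down to one Debian packaging rule: a binNMU rebuild appends "+b<N>" to the binary package version while the source package version stays unchanged, so an errata YAML that declares the source version must not carry that suffix. The following Python is an added illustration, not part of this bug, of Univention's errata tooling or of net-snmp: it parses a Debian version string, strips the binNMU suffix to recover the source version, and re-runs a binNMU-aware form of the "changes.valid" comparison over a constructed list of binaries (tkmib is arch:all and therefore not rebuilt by a binNMU, which is why it alone showed the unsuffixed version in the failing run). The real check's implementation is not shown on this page; the one here normalises every binary version before comparing, so a declared version ending in "+b1" is reported against all binaries, and the corrected source version against none. Names such as DebVersion, source_version and changes_valid are this example's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# dpkg convention: a binary-only NMU appends "+b<N>" to the binary package
# version; the source package keeps the version it was uploaded with.
BINNMU_RE = re.compile(r"\+b(\d+)$")


@dataclass(frozen=True)
class DebVersion:
    """The three parts of a Debian version string: [epoch:]upstream[-revision]."""
    epoch: int
    upstream: str
    revision: str  # empty string for native packages

    @classmethod
    def parse(cls, text: str) -> "DebVersion":
        epoch = 0
        if ":" in text:
            epoch_str, text = text.split(":", 1)
            epoch = int(epoch_str)
        # The Debian revision is everything after the LAST hyphen, because an
        # upstream version is allowed to contain hyphens of its own.
        upstream, sep, revision = text.rpartition("-")
        if not sep:
            upstream, revision = text, ""
        return cls(epoch, upstream, revision)


def binnmu_number(version: str) -> Optional[int]:
    """Return N when `version` ends in a +bN binNMU suffix, otherwise None."""
    match = BINNMU_RE.search(version)
    return int(match.group(1)) if match else None


def source_version(binary_version: str) -> str:
    """Strip the binNMU suffix: the version the source package was uploaded as."""
    return BINNMU_RE.sub("", binary_version)


def changes_valid(declared_source_version: str,
                  binaries: List[Tuple[str, str]]) -> List[str]:
    """Compare the version declared for the source package with each built
    binary after removing binNMU suffixes.  Returns one message per mismatch;
    an empty list means the declaration is consistent with the build."""
    problems = []
    for name, bin_version in binaries:
        if source_version(bin_version) != declared_source_version:
            problems.append(
                f"Mismatching binary package version: {declared_source_version} "
                f"!= {name} {bin_version}"
            )
    return problems


# Constructed sample build (hypothetical package set): tkmib is arch:all, so a
# binNMU leaves it at the source version while the arch-specific binaries
# gain "+b1".
BINARIES = [
    ("tkmib", "5.7.2.1+dfsg-1+deb8u1"),
    ("libsnmp30", "5.7.2.1+dfsg-1+deb8u1+b1"),
    ("snmpd", "5.7.2.1+dfsg-1+deb8u1+b1"),
]
WRONG_YAML_VERSION = "5.7.2.1+dfsg-1+deb8u1+b1"  # binary version, as in the failing run
RIGHT_YAML_VERSION = source_version(WRONG_YAML_VERSION)  # source version, as in the fix

if __name__ == "__main__":
    for label, declared in (("wrong", WRONG_YAML_VERSION), ("fixed", RIGHT_YAML_VERSION)):
        print(f"{label}: version {declared}")
        for line in changes_valid(declared, BINARIES) or ["ok"]:
            print("   ", line)
```

Running the block prints three mismatches for the "+b1" declaration and "ok" for the stripped source version; `DebVersion.parse` is included because the suffix must be removed from the end of the whole string, not from the upstream part, where "+b" substrings are legitimate.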
Comment 5 Arvid Requate univentionstaff 2018-05-08 14:57:09 CEST
<http://errata.software-univention.de/ucs/4.2/384.html>