oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: avahi DoS

From: Josh Bressers <bressers () redhat com>
Date: Fri, 25 Jun 2010 12:49:29 -0400 (EDT)
Please use CVE-2010-2244

Thanks.

-- 
    JB


----- "Ludwig Nussel" <ludwig.nussel () suse de> wrote:


Hi,

avahi crashes if it receives a bad packet (broken checksum)
immediately followed by a good packet. In that case FIONREAD returns
zero size for the bad packet. avahi doesn't consider that an error
and calls recvmsg() which succeeds and returns the good packet which
has a non-zero length of course. This discrepancy causes an assert()
to fail and avahi terminates.

The problem was acknowledged by upstream (Lennart) but no fix
was commited so far. I've attached my patch proposal.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Previous By Date Next
Previous By Thread Next

Current thread: