oss-sec mailing list archives
Re: CVE Request: avahi DoS
From: Josh Bressers <bressers () redhat com>
Date: Fri, 25 Jun 2010 12:49:29 -0400 (EDT)
Please use CVE-2010-2244 Thanks. -- JB ----- "Ludwig Nussel" <ludwig.nussel () suse de> wrote:
Hi, avahi crashes if it receives a bad packet (broken checksum) immediately followed by a good packet. In that case FIONREAD returns zero size for the bad packet. avahi doesn't consider that an error and calls recvmsg() which succeeds and returns the good packet which has a non-zero length of course. This discrepancy causes an assert() to fail and avahi terminates. The problem was acknowledged by upstream (Lennart) but no fix was commited so far. I've attached my patch proposal. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Current thread:
- CVE Request: avahi DoS Ludwig Nussel (Jun 23)
- Re: CVE Request: avahi DoS Josh Bressers (Jun 25)