[oe-commits] yzhu1 : net-snmp-5.7.2: fix CVE-2014-2285
git at git.openembedded.org
git at git.openembedded.org
Mon May 12 11:30:25 UTC 2014
Module: meta-openembedded.git
Branch: master-next
Commit: 9747141c09c641ce2364f246805be1682bbb7a9a
URL: http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=9747141c09c641ce2364f246805be1682bbb7a9a
Author: yzhu1 <yanjun.zhu at windriver.com>
Date: Fri May 9 16:40:37 2014 +0800
net-snmp-5.7.2: fix CVE-2014-2285
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs
in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions,
allows remote attackers to cause a denial of service (snmptrapd
crash) via an empty community string in an SNMP trap, which triggers
a NULL pointer dereference within the newSVpv function in Perl.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2285
Signed-off-by: yzhu1 <yanjun.zhu at windriver.com>
Signed-off-by: Roy Li <rongqing.li at windriver.com>
Signed-off-by: Joe MacDonald <joe at deserted.net>
---
.../files/net-snmp-5.7.2-fix-CVE-2014-2285.patch | 26 ++++++++++++++++++++++
.../recipes-protocols/net-snmp/net-snmp_5.7.2.bb | 1 +
2 files changed, 27 insertions(+)
diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch
new file mode 100644
index 0000000..8267eeb
--- /dev/null
+++ b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch
@@ -0,0 +1,26 @@
+--- a/perl/TrapReceiver/TrapReceiver.xs
++++ b/perl/TrapReceiver/TrapReceiver.xs
+@@ -81,18 +81,18 @@ int perl_trapd_handler( netsnmp_pdu
+ STOREPDUi("securitymodel", pdu->securityModel);
+ STOREPDUi("securitylevel", pdu->securityLevel);
+ STOREPDU("contextName",
+- newSVpv(pdu->contextName, pdu->contextNameLen));
++ newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
+ STOREPDU("contextEngineID",
+- newSVpv((char *) pdu->contextEngineID,
++ newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
+ pdu->contextEngineIDLen));
+ STOREPDU("securityEngineID",
+- newSVpv((char *) pdu->securityEngineID,
++ newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
+ pdu->securityEngineIDLen));
+ STOREPDU("securityName",
+- newSVpv((char *) pdu->securityName, pdu->securityNameLen));
++ newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
+ } else {
+ STOREPDU("community",
+- newSVpv((char *) pdu->community, pdu->community_len));
++ newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
+ }
+
+ if (transport && transport->f_fmtaddr) {
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb
index 8f20ce9..eb50d0f 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb
@@ -17,6 +17,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
file://snmptrapd.service \
file://ifmib.patch \
file://net-snmp-5.7.2-fix-CVE-2014-2284.patch \
+ file://net-snmp-5.7.2-fix-CVE-2014-2285.patch \
"
SRC_URI[md5sum] = "5bddd02e2f82b62daa79f82717737a14"
More information about the Openembedded-commits
mailing list