(Oracle Issues Fix for Oracle Linux) curl RTSP URL Processing Buffer Copy Error Lets Remote Users Cause the Target Application to Crash
SecurityTracker Alert ID: 1042075
SecurityTracker URL: http://securitytracker.com/id/1042075
CVE Reference:
CVE-2018-1000122
Date: Nov 12 2018
Impact:
Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 7.20.0 - 7.58.0
Description:
A vulnerability was reported in curl. A remote user can cause the target application to crash.
A remote user can trigger a buffer copy error in the processing of RTSP URLs, causing the application to crash or disclosing potentially sensitive information from the target system.
The vendor was notified on February 20, 2018.
Max Dymond reported this vulnerability.
Impact:
A remote user can cause the target application to crash.
A remote user can obtain potentially sensitive information on the target system.
Solution:
Oracle has issued a fix.
The Oracle Linux advisory is available at:
http://linux.oracle.com/errata/ELSA-2018-3157.html
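As an added example for the fix above (not Oracle's, curl's or SecurityTracker's code), the following Python compares `rpm -qa` entries against the fixed version-release values taken from the ELSA-2018-3157 message reproduced below, using a simplified rpmvercmp; the sample `rpm -qa` output is constructed.

```python
# Added example: does a host carry the fixed builds from ELSA-2018-3157? Simplified rpmvercmp (no epoch, tilde or caret handling).
import re

# Fixed name -> (version, release) pairs, taken from the advisory's rpm list.
FIXED = {
    "curl": ("7.29.0", "51.el7"),
    "libcurl": ("7.29.0", "51.el7"),
    "libcurl-devel": ("7.29.0", "51.el7"),
    "nss-pem": ("1.0.3", "5.el7"),
}

# Constructed sample of `rpm -qa` output from a host that has not been updated yet.
SAMPLE_RPM_QA = """\
curl-7.29.0-46.el7.x86_64
libcurl-7.29.0-46.el7.x86_64
nss-pem-1.0.3-5.el7.x86_64
openssl-1.0.2k-16.el7.x86_64
"""

def rpmvercmp(a, b):
    """Return -1, 0 or 1 as label a is older than, equal to, or newer than b."""
    # rpmvercmp splits each label into maximal runs of digits and of letters.
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alpha
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # longer label wins

def parse_nevra(pkg):
    """Split 'name-version-release.arch' (one `rpm -qa` line); raises on malformed input."""
    m = re.match(r"^(.+)-([^-]+)-([^-]+)\.([^.]+)$", pkg)
    return m.groups()

def is_fixed(pkg):
    """True if pkg is outside the advisory or at/after its fixed version-release."""
    name, version, release, _arch = parse_nevra(pkg)
    if name not in FIXED:
        return True
    fixed_version, fixed_release = FIXED[name]
    return (rpmvercmp(version, fixed_version) or rpmvercmp(release, fixed_release)) >= 0

def vulnerable_packages(rpm_qa_output):
    """Installed packages from `rpm -qa` output that still predate the fix."""
    return [p for p in rpm_qa_output.split() if not is_fixed(p)]
```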
Vendor URL: linux.oracle.com/errata/ELSA-2018-3157.html
Cause:
Boundary error
Underlying OS: Linux (Oracle)
Underlying OS Comments: 7
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Subject: [El-errata] ELSA-2018-3157 Moderate: Oracle Linux 7 curl and nss-pem security and bug fix update
Oracle Linux Security Advisory ELSA-2018-3157
http://linux.oracle.com/errata/ELSA-2018-3157.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
curl-7.29.0-51.el7.x86_64.rpm
libcurl-7.29.0-51.el7.i686.rpm
libcurl-7.29.0-51.el7.x86_64.rpm
libcurl-devel-7.29.0-51.el7.i686.rpm
libcurl-devel-7.29.0-51.el7.x86_64.rpm
nss-pem-1.0.3-5.el7.i686.rpm
nss-pem-1.0.3-5.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/curl-7.29.0-51.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-pem-1.0.3-5.el7.src.rpm
Description of changes:
curl
[7.29.0-51]
- require a new enough version of nss-pem to avoid regression in yum
(#1610998)
[7.29.0-50]
- remove dead code, detected by Coverity Analysis
- remove unused variable, detected by GCC and Clang
[7.29.0-49]
- make curl --speed-limit work with TFTP (#1584750)
[7.29.0-48]
- fix RTSP bad headers buffer over-read (CVE-2018-1000301)
- fix FTP path trickery leads to NIL byte out of bounds write
(CVE-2018-1000120)
- fix LDAP NULL pointer dereference (CVE-2018-1000121)
- fix RTSP RTP buffer over-read (CVE-2018-1000122)
- http: prevent custom Authorization headers in redirects (CVE-2018-1000007)
- doc: --tlsauthtype works only if built with TLS-SRP support (#1542256)
- update certificates in the test-suite because they expire soon (#1572723)
[7.29.0-47]
- make NSS deallocate PKCS #11 objects early enough (#1510247)
nss-pem
[1.0.3-5]
- update object ID while reusing a certificate (#1610998)
_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata