* [Buildroot] [PATCH] netsnmp: add fix for CVE-2012-2141
@ 2012-08-21 12:19 Gustavo Zacarias
2012-08-22 14:45 ` Luca Ceresoli
2012-08-22 17:59 ` Thomas Petazzoni
0 siblings, 2 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2012-08-21 12:19 UTC (permalink / raw)
To: buildroot
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/netsnmp/netsnmp-CVE-2012-2141.patch | 36 +++++++++++++++++++++++++++
1 files changed, 36 insertions(+), 0 deletions(-)
create mode 100644 package/netsnmp/netsnmp-CVE-2012-2141.patch
diff --git a/package/netsnmp/netsnmp-CVE-2012-2141.patch b/package/netsnmp/netsnmp-CVE-2012-2141.patch
new file mode 100644
index 0000000..1b34b9c
--- /dev/null
+++ b/package/netsnmp/netsnmp-CVE-2012-2141.patch
@@ -0,0 +1,36 @@
+From 4c5633f1603e4bd03ed05c37d782ec8911759c47 Mon Sep 17 00:00:00 2001
+From: Robert Story <rstory@freesnmp.com>
+Date: Mon, 14 May 2012 11:40:06 -0400
+Subject: [PATCH] NEWS: snmp: BUG: 3526549: CVE-2012-2141 Array index error leading to crash
+
+---
+ agent/mibgroup/agent/extend.c | 6 +++++-
+ 1 files changed, 5 insertions(+), 1 deletions(-)
+
+diff --git a/agent/mibgroup/agent/extend.c b/agent/mibgroup/agent/extend.c
+index d00475f..1f8586a 100644
+--- a/agent/mibgroup/agent/extend.c
++++ b/agent/mibgroup/agent/extend.c
+@@ -1126,7 +1126,7 @@ _extend_find_entry( netsnmp_request_info *request,
+ * ...and check the line requested is valid
+ */
+ line_idx = *table_info->indexes->next_variable->val.integer;
+- if (eptr->numlines < line_idx)
++ if (line_idx < 1 || line_idx > eptr->numlines)
+ return NULL;
+ }
+ return eptr;
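Review bot: the `line_idx < 1` half of the new test in `_extend_find_entry` depends on the type of `line_idx`, which is declared outside this hunk. If it is unsigned, that half only rejects 0 and a negative index from the request is caught solely by the `> eptr->numlines` comparison after conversion. If it is signed, the comparison against `numlines` should be between matching types. Please confirm the declaration, and that the value read through `val.integer` is not narrowed on assignment before it is checked. A short comment that line indexes are 1-based would also document why the lower bound is there.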
+@@ -1299,6 +1299,10 @@ handle_nsExtendOutput2Table(netsnmp_mib_handler *handler,
+ * Determine which line we've been asked for....
+ */
+ line_idx = *table_info->indexes->next_variable->val.integer;
++ if (line_idx < 1 || line_idx > extension->numlines) {
++ netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
++ continue;
++ }
+ cp = extension->lines[line_idx-1];
+
+ /*
+--
+1.7.4.1
+
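Review bot: the range test added in `handle_nsExtendOutput2Table` is a second open-coded copy of the one in `_extend_find_entry`, with different failure handling (`SNMP_NOSUCHINSTANCE` plus `continue` here, `return NULL` there). A small shared helper taking the index and `numlines` would keep the two sites from drifting apart, since `extension->lines[line_idx-1]` relies on exactly the same bound. It is also worth confirming that `continue` at this point skips nothing the rest of the loop body would have to release for this request, because that part of the loop is not visible in the hunk.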
--
1.7.8.6
* [Buildroot] [PATCH] netsnmp: add fix for CVE-2012-2141
From: Luca Ceresoli @ 2012-08-22 14:45 UTC (permalink / raw)
To: buildroot
Gustavo Zacarias wrote:
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Luca
* [Buildroot] [PATCH] netsnmp: add fix for CVE-2012-2141
From: Thomas Petazzoni @ 2012-08-22 17:59 UTC (permalink / raw)
To: buildroot
On Tue, 21 Aug 2012 09:19:42 -0300,
Gustavo Zacarias <gustavo@zacarias.com.ar> wrote:
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/netsnmp/netsnmp-CVE-2012-2141.patch | 36 +++++++++++++++++++++++++++
> 1 files changed, 36 insertions(+), 0 deletions(-)
> create mode 100644 package/netsnmp/netsnmp-CVE-2012-2141.patch
Applied, thanks!
Thomas
--
Thomas Petazzoni, Free Electrons
Kernel, drivers, real-time and embedded Linux
development, consulting, training and support.
http://free-electrons.com