Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:

cc378b4b by Salvatore Bonaccorso at 2020-01-16T06:52:53+01:00

Correct status on CVE-2019-12111/miniupnpd for stretch

The copyIPv6IfDifferent helper was only introduced in
https://github.com/miniupnp/miniupnp/commit/3b12b8fb4e64e90a6319ae0aef3c240a44093439

But the CVE is relating to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c due to not checking the src argument. This is not done as well before the above upstream commit introducing the helper function, so one can argue that the CVE-2019-12111 applies to earlier versions as well.

Thanks: Markus Linnala
Fixes: 8888a5e59b0b ("Mark CVE-2019-12111/miniupnpd as not-affected")

- - - - -

1 changed file:
- data/CVE/list

Changes:

===================================== data/CVE/list ===================================== @@ -38392,8 +38392,10 @@ CVE-2019-12112 CVE-2019-12111 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...) {DLA-1811-1} - miniupnpd 2.1-6 (bug #930050) - [stretch] - miniupnpd <not-affected> (Vulnerable code introduced later) - NOTE: https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f + [stretch] - miniupnpd <no-dsa> (Minor issue) + NOTE: copyIPv6IfDifferent helper introduced in https://github.com/miniupnp/miniupnp/commit/3b12b8fb4e64e90a6319ae0aef3c240a44093439 + NOTE: but possible NULL pointer dereference on the respective argument is present before. + NOTE: Fixed by: https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f CVE-2019-12110 (An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnP ...) {DLA-1811-1} - miniupnpd 2.1-6 (bug #930050)

View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc378b4bb39f03e0e6c9878df9f08a088023805e
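
Review bot: The second added NOTE in the data/CVE/list hunk ("but possible NULL pointer dereference on the respective argument is present before.") does not say where the unchecked argument is used in code older than 3b12b8fb, so the reason for moving stretch from <not-affected> to <no-dsa> cannot be verified from the entry alone. The commit message already names pcpserver.c and the missing check on the src argument; carrying that into the NOTE, for example "NOTE: but the src argument is used unchecked in pcpserver.c before that commit as well", would make the entry self-contained for the next person triaging stretch. Labelling the cb8a02af reference as "Fixed by:" is a useful improvement, since it now sits next to a second commit URL that is not a fix.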