Source: miniupnpd
Version: 1.8.20140523-4
Severity: important
Tags: security upstream
Forwarded: https://github.com/miniupnp/miniupnp/issues/268

Hi,

the following vulnerability was published for miniupnpd.

CVE-2017-1000494[0]:
| Uninitialized stack variable vulnerability in NameValueParserEndElt
| (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause
| Denial of Service (Segmentation fault and Memory Corruption) or
| possibly have unspecified other impact

To demonstrate the issue one can compile miniupnpd, removing hardening and adding noopt at least, and triggering the segfault by the reproducers provided in the upstream issue.

Adapting the upstream commits [2], [3] to the older version seems to address the issue, please double check again.

If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-1000494
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000494
[1] https://github.com/miniupnp/miniupnp/issues/268
[2] https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a
[3] https://github.com/miniupnp/miniupnp/commit/a0573e251817ec090a8c9f9f41b56d720c835a6c

Regards,
Salvatore