This bug was fixed in the package net-snmp - 5.9+dfsg-3ubuntu1.21.04.1
---
net-snmp (5.9+dfsg-3ubuntu1.21.04.1) hirsute; urgency=medium
* Fix segmentation fault when certificate contains extension
longer than 512 bytes (LP: #1912389)
-
Performing the verification for Hirsute:
First, reproducing the bug with the version currently available:
# apt policy snmpd
snmpd:
Installed: 5.9+dfsg-3ubuntu1
Candidate: 5.9+dfsg-3ubuntu1
Version table:
*** 5.9+dfsg-3ubuntu1 500
500 http://archive.ubuntu.com/ubuntu hirsute/main
** No longer affects: net-snmp (Ubuntu Focal)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1912389
Title:
[Patch] SIGSEGV: crash when certificate contains extension longer
than 512 bytes
Hello Graham, or anyone else affected,
Accepted net-snmp into hirsute-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/net-snmp/5.9+dfsg-3ubuntu1.21.04.1
in a few hours, and then in the -proposed repository.
Please help us by testing this new
This bug was fixed in the package net-snmp - 5.9+dfsg-3ubuntu2
---
net-snmp (5.9+dfsg-3ubuntu2) impish; urgency=medium
* Fix segmentation fault when certificate contains extension
longer than 512 bytes (LP: #1912389)
-
Still waiting on the SRU team to address this. I will ping them today.
--
Same bug at RHEL is here:
https://bugzilla.redhat.com/show_bug.cgi?id=1908718
** Bug watch added: Red Hat Bugzilla #1908718
https://bugzilla.redhat.com/show_bug.cgi?id=1908718
--
** Merge proposal linked:
https://code.launchpad.net/~sergiodj/ubuntu/+source/net-snmp/+git/net-snmp/+merge/403298
** Merge proposal linked:
https://code.launchpad.net/~sergiodj/ubuntu/+source/net-snmp/+git/net-snmp/+merge/403299
--
** Description changed:
+ [ Impact ]
+
+ Users can experience a segmentation fault on snmpd (part of net-snmp)
+ when using a certificate that contains an extension longer than 512
+ bytes and debug output (-D) is enabled. Although this only happens when
+ debugging, it seems to be pretty
OK, finally I was able to trigger the bug locally using a self-signed
cert. I am going to start writing the SRU template for it.
Thanks.
--
Thanks, Graham.
This issue impacts Hirsute and Impish.
For Impish, the best course of action here would be to wait for Debian
to pick up this fix, which would then mean that Ubuntu would
automatically pick it up as well. Given that Debian is in freeze right
now, I don't know if the net-snmp
** Changed in: net-snmp (Ubuntu)
Assignee: (unassigned) => Sergio Durigan Junior (sergiodj)
** Changed in: net-snmp (Ubuntu)
Importance: Undecided => Medium
--
Thanks for the heads-up Graham. Our team will be taking a look at it.
--
Quick ping on this one.
Latest net-snmp with this fixed is
https://github.com/net-snmp/net-snmp/releases/tag/v5.9.1.rc1.
--
In theory, any Let's Encrypt certificate should cause this crash.
The serialised certificate transparency of the certificate at redwax.eu
is 1577 bytes, three times higher than the 512 byte limit that triggers
the crash.
CT Precertificate SCTs:
Signed Certificate
Hi Paride,
Thanks for further investigating. I assumed that the crash was indeed
reproducible by hacking the package, but I think it's important to get a
reproducer that doesn't involve rebuilding anything if we're thinking
about an SRU (for Groovy, for example).
In any case, I think it's
** Changed in: netsnmp
Status: New => Fix Released
--
Hi Sergio,
I did manage to reproduce the crash by lowering SNMP_MAXBUF_SMALL and
rebuilding the package, as Graham suggested. I couldn't generate a
certificate crashing snmpd with the default value of 512, but most
likely I didn't manage to add a very long extension to the certs I
generated.
In
** Changed in: netsnmp
Status: Unknown => New
--
diff --git a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c
index e0e6615f0..dd202f440 100644
--- a/snmplib/snmp_openssl.c
+++ b/snmplib/snmp_openssl.c
@@ -499,6 +499,8 @@ netsnmp_openssl_cert_dump_extensions(X509 *ocert)
extension_name = OBJ_nid2sn(nid);
buf_len = sizeof(buf);
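Review bot: `buf_len = sizeof(buf);` in netsnmp_openssl_cert_dump_extensions ties the extension dump to a fixed-size buffer, and the two lines this hunk adds (the header shows 6 lines becoming 8) are cut off in this excerpt, so the handling of an extension whose printed form does not fit cannot be checked here. In the full patch, confirm that the over-length case is handled explicitly right after this assignment rather than falling through to the debug output, and add a short comment naming the buffer limit (the thread refers to SNMP_MAXBUF_SMALL, default 512) so the constraint is visible at the call site.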
Thanks, Paride.
I had also found the same bug yesterday, but I decided not to mark the
bug as Triaged because I still cannot reproduce it.
As noted previously, I would like to be able to reproduce the issue
before moving forward. This will prove useful if we have to SRU the
patch.
I still
I found the upstream bug for this issue:
https://github.com/net-snmp/net-snmp/issues/233
The fix landed in the upstream master and V5-9-patches branches [1], but
the issue is still open lacking verification. The patch doesn't apply
cleanly on version 5.8, the version currently in Focal, Groovy
** Bug watch added: github.com/net-snmp/net-snmp/issues #233
https://github.com/net-snmp/net-snmp/issues/233
** Also affects: netsnmp via
https://github.com/net-snmp/net-snmp/issues/233
Importance: Unknown
Status: Unknown
--
Launchpad always seems to get the package wrong, it's odd.
To make net-snmp crash:
- Turn debugging on (the crashing happens when dumping the certificate as part
of debug logging).
- Include a cert with an extension that, when printed, is longer than 512 bytes.
- The cert I was using is an EV
Thanks for the bug report.
This should have been opened against net-snmp, and not nagios-plugins,
right? I'm reassigning it to the proper package.
It seems to me that it's a valid bug, but it would be great to have a
more detailed reproducer. I tried editing /etc/ssl/openssl.cnf and
extend the