*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Seth Arnold (seth-arnold):

In the stable bionic release (same on xenial), the coturn server can crash on some DTLS connections.

The problem has been fixed on the server (version 4.5.0.8, see: https://github.com/coturn/coturn/blob/master/ChangeLog) but Ubuntu 18.04 (server version) uses the 4.5.0.7 version.

To reproduce:

Start coturn on /etc/turnserver.conf with a TLS cert:
cert=/etc/...
pkey=/etc/...
and NOT "no-dtls", so the UDP TLS service is started.

Now you can crash it with nmap:
sudo nmap -sU -sV -p 5349 <myip-notloopback>

Now the server in the log (/var/log/turn*.log) will show:
turnserver[1222]: segfault at 7f687d230bc0 ip 00007f687b3f8f8c sp 00007f68753438e8 error 7 in libc-2.27.so[7f687b26a000+1e7000]

=> The problem is that turnserver is running as root, so could it potentially be a security problem?

I tested the latest master version (4.5.1.2) on github.com/coturn/coturn; it doesn't have this bug.
The last problem of the CVE HTTP vulnerability seems to be corrected too (?)

** Affects: coturn (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: community-security

--
coturn crash/segmentation fault on dtls
https://bugs.launchpad.net/bugs/1869406
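A defender-side triage of the conditions named in the report (upstream version older than 4.5.0.8, cert and pkey set, "no-dtls" absent), as an added example that is not part of the original bug report or of coturn. The function names, sample config paths and version strings are constructed, and only the upstream part of the version is compared, so a distro package carrying a backported fix would still be flagged.

```shell
#!/bin/sh
# Added example: triage for the coturn DTLS crash conditions named in the report.
FIXED=4.5.0.8   # first fixed upstream release, per the report

# version_lt A B: true when dotted numeric version A sorts strictly before B.
version_lt() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n1)
    [ "$first" = "$1" ]
}

# conf_has FILE REGEX: match REGEX against non-comment, non-blank lines only.
conf_has() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" | grep -Eq "$2"
}

# The DTLS listener is up when cert and pkey are set and no-dtls is absent.
dtls_listener_enabled() {
    conf_has "$1" '^[[:space:]]*cert=' &&
    conf_has "$1" '^[[:space:]]*pkey=' &&
    ! conf_has "$1" '^[[:space:]]*no-dtls([[:space:]=]|$)'
}

# assess CONF VERSION: VERSION may carry a Debian revision ("-1ubuntu..."),
# which is stripped. Assumption: only the upstream version is compared, so a
# package with a backported fix is still reported as affected.
assess() {
    ver=${2%%-*}
    if ! version_lt "$ver" "$FIXED"; then
        echo "not-affected"
    elif dtls_listener_enabled "$1"; then
        echo "exposed"
    else
        echo "affected-version-dtls-off"
    fi
}

# Constructed sample configs and version strings (not from a real host).
tmp=$(mktemp -d)
printf 'cert=/etc/ssl/example.pem\npkey=/etc/ssl/example.key\n' > "$tmp/on.conf"
printf 'cert=/etc/ssl/example.pem\npkey=/etc/ssl/example.key\n#x\nno-dtls\n' > "$tmp/off.conf"
for c in "on.conf 4.5.0.7-1ubuntu2" "off.conf 4.5.0.7" "on.conf 4.5.1.2"; do
    set -- $c
    printf '%-10s %-18s %s\n' "$1" "$2" "$(assess "$tmp/$1" "$2")"
done
rm -rf "$tmp"
```

On a real host, pass /etc/turnserver.conf and the installed package version, for example the output of `dpkg-query -W -f='${Version}' coturn`.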
