Bug 10305

Summary: socat new security issue CVE-2013-3571
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, sysadmin-bugs
Version: 3Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/552193/
Whiteboard: MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64-OK MGA2-32-OK
Source RPM: socat-2.0.0-0.b5.2.mga3.src.rpm CVE:
Status comment:

Description David Walser 2013-05-27 02:46:11 CEST 
Upstream has issued an advisory today (May 26):
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html

They have issued releases 1.7.2.2 and 2.0.0-b6 to fix it.

Mageia 2 and Mageia 3 are also affected.

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2013-05-27 03:07:41 CEST 
Updated packages uploaded for Mageia 2, Mageia 3, and Cauldron.

Advisory:
========================

Updated socat package fixes security vulnerability:

Under certain circumstances an FD leak occurs and can be misused for denial of
service attacks against socat running in server mode (CVE-2013-3571).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3571
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html
========================

Updated packages in core/updates_testing:
========================
socat-1.7.2.2-1.mga2
socat-2.0.0-0.b6.1.mga3

from SRPMS:
socat-1.7.2.2-1.mga2.src.rpm
socat-2.0.0-0.b6.1.mga3.src.rpm

Version: Cauldron => 3
Assignee: luigiwalser => qa-bugs
Whiteboard: (none) => MGA2TOO

Comment 2 Dave Hodgins 2013-05-27 04:24:16 CEST 
In Mageia 2, the testcase adds in fd with "can't identify protocol",
while in Mageia the, the added fd shows "protocol: TCP"

I'll install the updates and test them shortly.

CC: (none) => davidwhodgins

Comment 3 Dave Hodgins 2013-05-27 04:36:37 CEST 
Testing complete on both arches, both releases.

Could someone from the sysadmin team push the srpm
socat-2.0.0-0.b6.1.mga3.src.rpm
from Mageia 3 Core Updates Testing to Core Updates and the srpm
socat-1.7.2.2-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated socat package fixes security vulnerability:

Under certain circumstances an FD leak occurs and can be misused for denial of
service attacks against socat running in server mode (CVE-2013-3571).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3571
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html

https://bugs.mageia.org/show_bug.cgi?id=10305

Keywords: (none) => validated_update
Whiteboard: MGA2TOO => MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64-OK MGA2-32-OK
CC: (none) => sysadmin-bugs

Comment 4 David Walser 2013-05-29 22:50:51 CEST 
Mandriva has issued an advisory for this today (May 29):
http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:170/

URL: (none) => http://lwn.net/Vulnerabilities/552193/

Comment 5 Nicolas Vigier 2013-06-06 21:42:57 CEST 
Packages have been pushed to updates.

Status: NEW => RESOLVED
CC: (none) => boklm
Resolution: (none) => FIXED

Nicolas Vigier 2014-05-08 18:05:31 CEST

CC: boklm => (none)