Bug 29124

Summary: connman new security issue CVE-2021-33833
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, geiger.david68210, herman.viaene, nicolas.salguero, ouaurelien, sysadmin-bugs, williamsdanielusa
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7TOO MGA7-64-OK MGA8-64-OK
Source RPM: connman-1.38-2.mga8.src.rpm CVE: CVE-2021-33833
Status comment:

Description David Walser 2021-06-13 23:40:13 CEST 
A security issue in connman has been announced on June 9:
https://www.openwall.com/lists/oss-security/2021/06/09/1

A fix in Bug 28321 was incomplete.

A corrected fix is attached to the message above.

Mageia 7 and Mageia 8 are also affected.
David Walser 2021-06-13 23:40:37 CEST

CC: (none) => geiger.david68210
Status comment: (none) => Patch available from upstream
Whiteboard: (none) => MGA8TOO, MGA7TOO

Comment 1 Lewis Smith 2021-06-14 21:10:55 CEST 
This package is committed by different people, so asigning the bug globally. DavidG is CC'd.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2021-06-15 10:52:28 CEST 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA). (CVE-2021-33833)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33833
https://www.openwall.com/lists/oss-security/2021/06/09/1
========================

Updated packages in 7/core/updates_testing:
========================
connman-1.37-1.2.mga7
connman-devel-1.37-1.2.mga7

from SRPM:
connman-1.37-1.2.mga7.src.rpm

Updated packages in 8/core/updates_testing:
========================
connman-1.38-2.1.mga8
connman-devel-1.38-2.1.mga8

from SRPM:
connman-1.38-2.1.mga8.src.rpm

Status: NEW => ASSIGNED
CC: (none) => nicolas.salguero
Assignee: pkg-bugs => qa-bugs
CVE: (none) => CVE-2021-33833
Version: Cauldron => 8
Whiteboard: MGA8TOO, MGA7TOO => MGA7TOO
Status comment: Patch available from upstream => (none)

Nicolas Salguero 2021-06-15 10:52:46 CEST

Source RPM: connman-1.39-1.mga9.src.rpm => connman-1.38-2.mga8.src.rpm

Comment 3 Herman Viaene 2021-06-17 15:33:19 CEST 
MGA7-64 Plasma on Lenovo B50
No installation issues.
Ref bug 28321 Comment 20, I get exact the same connection error. I wonder whether this is a HW issue, my Wifi is Intel3610.
If someone can run this test successfully, I will not object the OK.

CC: (none) => herman.viaene

Comment 4 David Walser 2021-06-21 22:21:28 CEST 
I'm not really sure why we have this packaged, as we use other things in Mageia to provide this functionality, but as long as there aren't any obvious regressions I'd go ahead and OK it.
Comment 5 Thomas Andrews 2021-07-09 22:02:55 CEST 
Mga7-64 Plasma on a Probook 6550b. Same system as used for bug 28321 Comment 24.

Updated that connman, no installation issues. Went as far as I did in the previous bug, with the same results. Calling it close enough. (Our other tools are much easier to work with)

CC: (none) => andrewsfarm
Whiteboard: MGA7TOO => MGA7TOO MGA7-64-OK

Comment 6 Aurelien Oudelet 2021-07-09 22:18:52 CEST 
(In reply to David Walser from comment #4)
> I'm not really sure why we have this packaged, as we use other things in
> Mageia to provide this functionality, but as long as there aren't any
> obvious regressions I'd go ahead and OK it.

It is packaged for e17 environment as it seems there is a GUI tool there to use it.

CC: (none) => ouaurelien

Comment 7 Thomas Andrews 2021-07-09 23:04:11 CEST 
Mga8-64 tested on a Dell Dimension e520 Plasma system. Installed connman and dependencies with no issues. Saw the gui, and installed that, too. 

Updated before trying anything, no installation issues. The gui was not updated. 

Killed the net_applet, then attempted to run the gui. It failed, with some verbiage on the Konsole screen. Perhaps it's not meant to be run on a x86_64 system. Not a part of this bug, so leaving it alone.

Performed the same commands as in Comment 5, with essentially the same results. (This system did pick up one SSID not available on the other one. Interesting, as the nearest neighbor is 1/4 mile away.) 

Since it seems to be working as far as I could get with it, I'm giving it an OK, and validating. Advisory in Comment 2.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update
Whiteboard: MGA7TOO MGA7-64-OK => MGA7TOO MGA7-64-OK MGA8-64-OK

Thomas Backlund 2021-07-10 12:34:51 CEST

Keywords: (none) => advisory

Comment 8 Mageia Robot 2021-07-10 14:58:40 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0331.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 9 Williams Daniel 2022-07-01 05:35:27 CEST Comment hidden (spam)

CC: (none) => williamsdanielusa