Bug 31229

Summary: netkit-telnet new security issue CVE-2022-39028
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: andrewsfarm, davidwhodgins, herman.viaene, nicolas.salguero, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: netkit-telnet-0.17-20.mga8.src.rpm CVE: CVE-2022-39028
Status comment:

Description David Walser 2022-12-06 17:22:54 CET 
+++ This bug was initially created as a clone of Bug #30918 +++

SUSE has issued an advisory on September 29:
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012454.html

Mageia 8 is also affected.

The netkit-telnet package is also affected:
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html

as FreeBSD fixed here:
https://cgit.freebsd.org/src/commit/?id=f2aa49e7fda515163da188ec75dba223e2e52216
David Walser 2022-12-06 17:23:07 CET

Status comment: (none) => Patch available from FreeBSD
Whiteboard: (none) => MGA8TOO

Comment 1 Lewis Smith 2022-12-06 19:53:37 CET 
Assigning this globally becaus different packagers have worked on this SRPM.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2022-12-07 10:31:33 CET 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications. (CVE-2022-39028)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39028
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
========================

Updated packages in core/updates_testing:
========================
netkit-telnet-0.17-20.1.mga8
netkit-telnet-server-0.17-20.1.mga8

from SRPM:
netkit-telnet-0.17-20.1.mga8.src.rpm

Assignee: pkg-bugs => qa-bugs
CC: (none) => nicolas.salguero
Status comment: Patch available from FreeBSD => (none)
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Status: NEW => ASSIGNED

Nicolas Salguero 2022-12-07 10:31:41 CET

Source RPM: netkit-telnet-0.17-21.mga9.src.rpm => netkit-telnet-0.17-20.mga8.src.rpm

Comment 3 Herman Viaene 2022-12-12 17:14:27 CET 
MGA8-64 MATE on Acer Aspire 5253
No installation issues.
MCC mentions on netkit-telnet-server: "because telnetd is unsecure you have to manually activate it"
As in bug 26296, I chased around to find some way of getting this server running, but to no avail.
So as in that bug, the only thing I could do was provoking a time-out to my desktop which does not let it in, and in the laptop itself, open the firewall for the webserver, run the webserver and then
$ telnet mach7 80
Trying 192.168.2.7...
Connected to mach7.
Escape character is '^]'.


I go no further. OK for me as in the above bug.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Comment 4 David Walser 2022-12-12 17:47:53 CET 
https://bugs.mageia.org/show_bug.cgi?id=26296#c7
still applies.
Comment 5 Thomas Andrews 2022-12-12 21:41:53 CET 
Validating. Advisory in comment 2.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2022-12-13 02:03:14 CET

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 6 Mageia Robot 2022-12-13 23:10:58 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0460.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED