10305 – socat new security issue CVE-2013-3571

Bug 10305 - socat new security issue CVE-2013-3571

Summary: socat new security issue CVE-2013-3571

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	3
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/552193/
Whiteboard:	MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2013-05-27 02:46 CEST by David Walser
Modified:	2014-05-08 18:05 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	socat-2.0.0-0.b5.2.mga3.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2013-05-27 02:46:11 CEST

Upstream has issued an advisory today (May 26):
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html

They have issued releases 1.7.2.2 and 2.0.0-b6 to fix it.

Mageia 2 and Mageia 3 are also affected.

Reproducible: 

Steps to Reproduce:

Comment 1 David Walser 2013-05-27 03:07:41 CEST

Updated packages uploaded for Mageia 2, Mageia 3, and Cauldron.

Advisory:
========================

Updated socat package fixes security vulnerability:

Under certain circumstances an FD leak occurs and can be misused for denial of
service attacks against socat running in server mode (CVE-2013-3571).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3571
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html
========================

Updated packages in core/updates_testing:
========================
socat-1.7.2.2-1.mga2
socat-2.0.0-0.b6.1.mga3

from SRPMS:
socat-1.7.2.2-1.mga2.src.rpm
socat-2.0.0-0.b6.1.mga3.src.rpm

Version: Cauldron => 3
Assignee: luigiwalser => qa-bugs
Whiteboard: (none) => MGA2TOO

Comment 2 Dave Hodgins 2013-05-27 04:24:16 CEST

In Mageia 2, the testcase adds in fd with "can't identify protocol",
while in Mageia the, the added fd shows "protocol: TCP"

I'll install the updates and test them shortly.

CC: (none) => davidwhodgins

Comment 3 Dave Hodgins 2013-05-27 04:36:37 CEST

Testing complete on both arches, both releases.

Could someone from the sysadmin team push the srpm
socat-2.0.0-0.b6.1.mga3.src.rpm
from Mageia 3 Core Updates Testing to Core Updates and the srpm
socat-1.7.2.2-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated socat package fixes security vulnerability:

Under certain circumstances an FD leak occurs and can be misused for denial of
service attacks against socat running in server mode (CVE-2013-3571).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3571
http://www.dest-unreach.org/socat/contrib/socat-secadv4.html

https://bugs.mageia.org/show_bug.cgi?id=10305

Keywords: (none) => validated_update
Whiteboard: MGA2TOO => MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64-OK MGA2-32-OK
CC: (none) => sysadmin-bugs

Comment 4 David Walser 2013-05-29 22:50:51 CEST

Mandriva has issued an advisory for this today (May 29):
http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:170/

URL: (none) => http://lwn.net/Vulnerabilities/552193/

Comment 5 Nicolas Vigier 2013-06-06 21:42:57 CEST

Packages have been pushed to updates.

Status: NEW => RESOLVED
CC: (none) => boklm
Resolution: (none) => FIXED

Nicolas Vigier 2014-05-08 18:05:31 CEST

CC: boklm => (none)

Note You need to log in before you can comment on or make changes to this bug.