Upstream has announced a new version that fixes a security issue: http://freecode.com/projects/net-snmp/releases/361848 The text there matches that in the CHANGES and NEWS files in the upstream tarball: "A denial of service attack vector was discovered in the Linux implementation of the ICMP-MIB. This release fixes this bug, and all users are encouraged to update their SNMP agent if they make use of the ICMP-MIB table objects." I don't recall seeing a CVE request for this issue. The upstream commit is here: http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/ I have checked the patch into Mageia 3, Mageia 4, and Cauldron SVN. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO, MGA3TOO
CVE request for this issue, as well as another: http://www.openwall.com/lists/oss-security/2014/03/05/2
Severity: normal => major
For posterity, the issue in the initial report on this bug was fixed upstream in 5.7.2.1 upstream. There is another denial of service issue in snmptrapd fixed with a patch upstream: http://sourceforge.net/p/net-snmp/patches/1275/ Both of these issues have been assigned CVEs: http://openwall.com/lists/oss-security/2014/03/05/9 More information is available on the RedHat bugs linked in that message. Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron. Advisory: ======================== Updated net-snmp packages fix security vulnerabilities: Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects (CVE-2014-2284). Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled (CVE-2014-2285). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285 http://freecode.com/projects/net-snmp/releases/361848 http://openwall.com/lists/oss-security/2014/03/05/9 https://bugzilla.redhat.com/show_bug.cgi?id=1070396 https://bugzilla.redhat.com/show_bug.cgi?id=1072778 ======================== Updated packages in core/updates_testing: ======================== net-snmp-5.7.2-7.2.mga3 libnet-snmp30-5.7.2-7.2.mga3 libnet-snmp-devel-5.7.2-7.2.mga3 libnet-snmp-static-devel-5.7.2-7.2.mga3 net-snmp-utils-5.7.2-7.2.mga3 net-snmp-tkmib-5.7.2-7.2.mga3 net-snmp-mibs-5.7.2-7.2.mga3 net-snmp-trapd-5.7.2-7.2.mga3 perl-NetSNMP-5.7.2-7.2.mga3 python-netsnmp-5.7.2-7.2.mga3 net-snmp-5.7.2-13.1.mga4 libnet-snmp30-5.7.2-13.1.mga4 libnet-snmp-devel-5.7.2-13.1.mga4 libnet-snmp-static-devel-5.7.2-13.1.mga4 net-snmp-utils-5.7.2-13.1.mga4 net-snmp-tkmib-5.7.2-13.1.mga4 net-snmp-mibs-5.7.2-13.1.mga4 net-snmp-trapd-5.7.2-13.1.mga4 perl-NetSNMP-5.7.2-13.1.mga4 python-netsnmp-5.7.2-13.1.mga4 from SRPMS: net-snmp-5.7.2-7.2.mga3.src.rpm net-snmp-5.7.2-13.1.mga4.src.rpm
Version: Cauldron => 4Assignee: bugsquad => qa-bugsSummary: net-snmp new denial of service security issue fixed upstream in 5.7.2.1 => net-snmp new denial of service security issues (CVE-2014-2284, CVE-2014-2285)Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO
Procedure: https://bugs.mageia.org/show_bug.cgi?id=12236#c5
Whiteboard: MGA3TOO => MGA3TOO has_procedure
Advisory uploaded.
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure advisory
Testing complete mga4 32 & 64
Whiteboard: MGA3TOO has_procedure advisory => MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok
Testing complete mga3 32 & 64 Validating Could sysadmin please push to 3 & 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2014-0122.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/589937/