24050 – syslog-ng new use-after-free security issue

Bug 24050 - syslog-ng new use-after-free security issue

Summary: syslog-ng new use-after-free security issue

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Guillaume Rousse
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-12-23 17:02 CET by David Walser
Modified:	2019-01-27 14:30 CET (History)
CC List:	1 user (show)

See Also:
Source RPM:	syslog-ng-3.14.1-5.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-12-23 17:02:25 CET

A security issue fixed upstream in syslog-ng has been announced:
https://www.openwall.com/lists/oss-security/2018/12/23/1

A link to the commit that fixed it is in the message above.

Mageia 6 may also be affected.

Comment 1 Marja Van Waes 2018-12-23 23:07:51 CET

Assigning to the registered maintainer.

CC: (none) => marja11
Assignee: bugsquad => guillomovitch

Comment 2 David Walser 2018-12-24 15:48:49 CET

Fixed in syslog-ng-3.19.1-2.mga7 in Cauldron by Guillaume.

Version: Cauldron => 6

Comment 3 David Walser 2019-01-20 16:28:39 CET

Fedora has issued an advisory for this today (January 20):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/633LADK5VQ23OD6OTIAGHQ6P6ZEWMRGA/

Comment 4 Guillaume Rousse 2019-01-27 11:58:28 CET

I had a look at the code of syslog-ng 3.9.1, shipped in mageia 6. According to my understanding, the problem doesn't exist in that version, as there is no use of the freed pointer, contrarily to more recent version.

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 5 David Walser 2019-01-27 14:30:06 CET

Cool, thanks!

Version: 6 => Cauldron

Note You need to log in before you can comment on or make changes to this bug.