Bug 31229 - netkit-telnet new security issue CVE-2022-39028
Summary: netkit-telnet new security issue CVE-2022-39028
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2022-12-06 17:22 CET by David Walser
Modified: 2022-12-13 23:10 CET
5 users

See Also:
Source RPM: netkit-telnet-0.17-20.mga8.src.rpm
CVE: CVE-2022-39028
Status comment:

Description David Walser 2022-12-06 17:22:54 CET
+++ This bug was initially created as a clone of Bug #30918 +++

SUSE has issued an advisory on September 29:
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012454.html

Mageia 8 is also affected.

The netkit-telnet package is also affected:
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html

as FreeBSD fixed here:
https://cgit.freebsd.org/src/commit/?id=f2aa49e7fda515163da188ec75dba223e2e52216
David Walser 2022-12-06 17:23:07 CET

Status comment: (none) => Patch available from FreeBSD
Whiteboard: (none) => MGA8TOO

Comment 1 Lewis Smith 2022-12-06 19:53:37 CET
Assigning this globally because different packagers have worked on this SRPM.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2022-12-07 10:31:33 CET
Suggested advisory:
========================

The updated packages fix a security vulnerability:

2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications. (CVE-2022-39028)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39028
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
========================

Updated packages in core/updates_testing:
========================
netkit-telnet-0.17-20.1.mga8
netkit-telnet-server-0.17-20.1.mga8

from SRPM:
netkit-telnet-0.17-20.1.mga8.src.rpm

Assignee: pkg-bugs => qa-bugs
CC: (none) => nicolas.salguero
Status comment: Patch available from FreeBSD => (none)
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Status: NEW => ASSIGNED

Nicolas Salguero 2022-12-07 10:31:41 CET

Source RPM: netkit-telnet-0.17-21.mga9.src.rpm => netkit-telnet-0.17-20.mga8.src.rpm

Comment 3 Herman Viaene 2022-12-12 17:14:27 CET
MGA8-64 MATE on Acer Aspire 5253
No installation issues.
MCC mentions on netkit-telnet-server: "because telnetd is unsecure you have to manually activate it"
As in bug 26296, I chased around to find some way of getting this server running, but to no avail.
So as in that bug, the only thing I could do was provoking a time-out to my desktop which does not let it in, and in the laptop itself, open the firewall for the webserver, run the webserver and then
$ telnet mach7 80
Trying 192.168.2.7...
Connected to mach7.
Escape character is '^]'.


I go no further. OK for me as in the above bug.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Comment 4 David Walser 2022-12-12 17:47:53 CET
https://bugs.mageia.org/show_bug.cgi?id=26296#c7
still applies.

Comment 5 Thomas Andrews 2022-12-12 21:41:53 CET
Validating. Advisory in comment 2.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2022-12-13 02:03:14 CET

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 6 Mageia Robot 2022-12-13 23:10:58 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0460.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED
