oss-sec mailing list archives
Re: CVE Request -- gpsd 3.9 fixing a denial of service flaw
From: "Eric S. Raymond" <esr () thyrsus com>
Date: Tue, 7 May 2013 21:30:01 -0400
Jan Lieskovsky <jlieskov () redhat com>:
> Hello Eric, since there have doubts appeared: https://bugs.mageia.org/show_bug.cgi?id=9969#c2

Sorry, seems I missed some earlier mail, probably due to my DNS being temporarily deranged after I upgraded to Ubuntu 13.04.

> which upstream patch has been the CVE-2013-2038 identifier assigned to, could you confirm / disprove the latter?
>
> * The true crash was in the NMEA(2000) driver, with upstream patch:
>   http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=dd9c3c2830cb8f8fd8491ce68c82698dc5538f50
>   This one should be referenced under CVE-2013-2038.

Not quite right. The problem was with NMEA0183, not with NMEA2000. But yes, this crash has been seen in the wild, though not in conjunction with an identified attack.

> * While the hypothetical one was in the AIS driver, with upstream patch:
>   http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=08edc49d8f63c75bfdfb480b083b0d960310f94f
>   Upstream 3.9 announcement "Armor the AIS driver against an implausible overrun attack." would support this.

Correct. The potential AIS overrun has *not* been observed. The possibility was reported by someone reading the code.

> Application of the patch looks reasonable. Just would be good to know if it was applied just like a preventive measure (no DoS right now, just prevent its [possible] occurrence in the future in case of code change) or if under certain circumstances it might be used to DoS gpsd too?

It is a preventive measure. I don't think it is presently exploitable, but I'm not *certain* it isn't.

--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>