
Debian Bug report logs - #846938
dhcpcd5: CVE-2014-7913


Package: dhcpcd5; Maintainer for dhcpcd5 is Scott Leggett <scott@sl.id.au>; Source for dhcpcd5 is src:dhcpcd5 (PTS, buildd, popcon).

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sun, 4 Dec 2016 13:54:01 UTC

Severity: serious

Tags: fixed-upstream, patch, security, upstream

Found in versions dhcpcd5/6.10.1-1, dhcpcd5/6.0.5-2

Fixed in version dhcpcd5/7.0.8-0.1

Done: Gianfranco Costamagna <locutusofborg@debian.org>



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Jose dos Santos Junior <j.s.junior@live.com>:
Bug#846938; Package src:dhcpcd5. (Sun, 04 Dec 2016 13:54:04 GMT) (full text, mbox, link).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Jose dos Santos Junior <j.s.junior@live.com>. (Sun, 04 Dec 2016 13:54:04 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dhcpcd5: CVE-2014-7913
Date: Sun, 04 Dec 2016 14:52:24 +0100
Source: dhcpcd5
Version: 6.0.5-2
Severity: important
Tags: security upstream patch
Control: found -1 6.10.1-1

Hi,

the following vulnerability was published for dhcpcd5.

CVE-2014-7913[0]:
| The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as
| used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products,
| misinterprets the return value of the snprintf function, which allows
| remote DHCP servers to execute arbitrary code or cause a denial of
| service (memory corruption) via a crafted message.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-7913
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913
[1] http://roy.marples.name/projects/dhcpcd/ci/528541c4c619520e?sbs=0

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
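The CVE text above turns on a common C pitfall: snprintf returns the length the whole output would have had, not the number of bytes it actually stored, so code that advances a write offset by that return value after a truncated write ends up positioning later writes past the end of its buffer. The following C program is an added illustration of that pitfall next to the checked accounting that avoids it; it is not dhcpcd's print_option and is not taken from the upstream fix linked at [1]. The function names (append_checked, format_option_hex, naive_offset) and the six-byte sample payload are constructed for this example.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Append printf-style text to buf (capacity cap) at offset *pos.
 * vsnprintf returns the length the full output WOULD have had, not the
 * number of bytes stored. If *pos were advanced by that value after a
 * truncation, the next write would start beyond the end of buf. So the
 * offset is only advanced when the text fit; otherwise the partial item
 * is dropped and -1 is returned.
 */
static int append_checked(char *buf, size_t cap, size_t *pos,
                          const char *fmt, ...)
{
    va_list ap;
    int n;

    if (*pos >= cap)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(buf + *pos, cap - *pos, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap - *pos) {
        buf[*pos] = '\0';   /* discard the truncated item, keep buf terminated */
        return -1;
    }
    *pos += (size_t)n;
    return 0;
}

/*
 * Render an option payload as space-separated hex, e.g. "c0 a8 01 01".
 * Returns the number of characters stored, or -1 if the buffer was too
 * small. (Constructed example function, not dhcpcd's print_option.)
 */
int format_option_hex(char *buf, size_t cap, const unsigned char *data, size_t n)
{
    size_t pos = 0;
    size_t i;

    if (cap == 0)
        return -1;
    buf[0] = '\0';
    for (i = 0; i < n; i++) {
        if (append_checked(buf, cap, &pos, i ? " %02x" : "%02x",
                           (unsigned)data[i]) < 0)
            return -1;
    }
    return (int)pos;
}

/*
 * What unchecked accounting would compute: the plain sum of snprintf's
 * return values. snprintf(NULL, 0, ...) only measures, so this shows the
 * runaway offset without writing into any buffer.
 */
size_t naive_offset(const unsigned char *data, size_t n)
{
    size_t pos = 0;
    size_t i;

    for (i = 0; i < n; i++)
        pos += (size_t)snprintf(NULL, 0, i ? " %02x" : "%02x", (unsigned)data[i]);
    return pos;
}

int main(void)
{
    /* Constructed sample payload: a six-byte option body. */
    const unsigned char opt[] = {0xc0, 0xa8, 0x01, 0x01, 0xff, 0xff};
    char big[32];
    char small[8];
    int rc;

    rc = format_option_hex(big, sizeof big, opt, sizeof opt);
    printf("fits:      rc=%d text=\"%s\"\n", rc, big);
    rc = format_option_hex(small, sizeof small, opt, sizeof opt);
    printf("truncated: rc=%d text=\"%s\"\n", rc, small);
    printf("unchecked offset would be %zu for a %zu-byte buffer\n",
           naive_offset(opt, sizeof opt), sizeof small);
    return 0;
}
```

The rendered six bytes need 17 characters plus the terminator. In the 32-byte buffer the call succeeds; in the 8-byte buffer the checked version stops at "c0 a8" and reports -1, whereas the unchecked sum reaches 17, well past the 8 bytes available, which is the offset a naive caller would have used for its next write.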



Marked as found in versions dhcpcd5/6.10.1-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to submit@bugs.debian.org. (Sun, 04 Dec 2016 13:54:04 GMT) (full text, mbox, link).


Severity set to 'serious' from 'important'. Request was from Jeremy Bicha <jbicha@debian.org> to control@bugs.debian.org. (Mon, 12 Mar 2018 19:18:08 GMT) (full text, mbox, link).


Added tag(s) fixed-upstream. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Sun, 13 May 2018 22:24:07 GMT) (full text, mbox, link).


Bug reassigned from package 'src:dhcpcd5' to 'dhcpcd5'. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Fri, 15 Jun 2018 10:27:05 GMT) (full text, mbox, link).


No longer marked as found in versions dhcpcd5/6.0.5-2 and dhcpcd5/6.10.1-1. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Fri, 15 Jun 2018 10:27:06 GMT) (full text, mbox, link).


Marked as found in versions dhcpcd5/6.0.5-2. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Fri, 15 Jun 2018 10:27:06 GMT) (full text, mbox, link).


Marked as found in versions dhcpcd5/6.10.1-1. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Fri, 15 Jun 2018 10:27:07 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Jose dos Santos Junior <j.s.junior@live.com>:
Bug#846938; Package dhcpcd5. (Wed, 26 Sep 2018 13:09:02 GMT) (full text, mbox, link).


Acknowledgement sent to Gianfranco Costamagna <locutusofborg@debian.org>:
Extra info received and forwarded to list. Copy sent to Jose dos Santos Junior <j.s.junior@live.com>. (Wed, 26 Sep 2018 13:09:02 GMT) (full text, mbox, link).


Message #24 received at 846938@bugs.debian.org (full text, mbox, reply):

From: Gianfranco Costamagna <locutusofborg@debian.org>
To: 846938@bugs.debian.org
Subject: Re: dhcpcd5: CVE-2014-7913
Date: Wed, 26 Sep 2018 15:03:56 +0200
control: tags -1 patch pending
On Sun, 04 Dec 2016 14:52:24 +0100 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: dhcpcd5
> Version: 6.0.5-2
> Severity: important
> Tags: security upstream patch
> Control: found -1 6.10.1-1
> 
> Hi,
> 
> the following vulnerability was published for dhcpcd5.
> 
> CVE-2014-7913[0]:
> | The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as
> | used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products,
> | misinterprets the return value of the snprintf function, which allows
> | remote DHCP servers to execute arbitrary code or cause a denial of
> | service (memory corruption) via a crafted message.
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2014-7913
>     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913
> [1] http://roy.marples.name/projects/dhcpcd/ci/528541c4c619520e?sbs=0
> 
> Please adjust the affected versions in the BTS as needed.
> 
> Regards,
> Salvatore
> 

The following debian tarball has been uploaded in unstable.
I had to update the version because the patch didn't apply to the old one.

dhcpcd5 (7.0.8-0.1) unstable; urgency=medium

  [ Gianfranco Costamagna ]
  * New upstream release.
  * Non-maintainer upload.
    - Closes: #846938
  * Switch control/copyright files in secure mode

  [ Julien Lavergne ]
  * New upstream release.
  * debian/control:
   - Add lsb-base (>= 3.0-6) on depends, for the init script.
  * debian/patches:
   - Disable, merged upstream.
  * debian/copyright:
   - Update copyright.

 -- Gianfranco Costamagna <locutusofborg@debian.org>  Wed, 26 Sep 2018 10:03:43 +0200


Please refer to archive or uscan to get the tarball.

cheers,

G.
> 
[dhcpcd5_7.0.8-0.1.debian.tar.xz (application/x-xz, attachment)]

Added tag(s) pending. Request was from Gianfranco Costamagna <locutusofborg@debian.org> to 846938-submit@bugs.debian.org. (Wed, 26 Sep 2018 13:09:02 GMT) (full text, mbox, link).


Reply sent to Gianfranco Costamagna <locutusofborg@debian.org>:
You have taken responsibility. (Wed, 26 Sep 2018 13:21:06 GMT) (full text, mbox, link).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 26 Sep 2018 13:21:06 GMT) (full text, mbox, link).


Message #31 received at 846938-close@bugs.debian.org (full text, mbox, reply):

From: Gianfranco Costamagna <locutusofborg@debian.org>
To: 846938-close@bugs.debian.org
Subject: Bug#846938: fixed in dhcpcd5 7.0.8-0.1
Date: Wed, 26 Sep 2018 13:19:23 +0000
Source: dhcpcd5
Source-Version: 7.0.8-0.1

We believe that the bug you reported is fixed in the latest version of
dhcpcd5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 846938@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gianfranco Costamagna <locutusofborg@debian.org> (supplier of updated dhcpcd5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 26 Sep 2018 10:03:43 +0200
Source: dhcpcd5
Binary: dhcpcd5
Architecture: source
Version: 7.0.8-0.1
Distribution: unstable
Urgency: medium
Maintainer: Jose dos Santos Junior <j.s.junior@live.com>
Changed-By: Gianfranco Costamagna <locutusofborg@debian.org>
Description:
 dhcpcd5    - DHCPv4, IPv6RA and DHCPv6 client with IPv4LL support
Closes: 846938
Changes:
 dhcpcd5 (7.0.8-0.1) unstable; urgency=medium
 .
   [ Gianfranco Costamagna ]
   * New upstream release.
   * Non-maintainer upload.
     - Closes: #846938
   * Switch control/copyright files in secure mode
 .
   [ Julien Lavergne ]
   * New upstream release.
   * debian/control:
    - Add lsb-base (>= 3.0-6) on depends, for the init script.
   * debian/patches:
    - Disable, merged upstream.
   * debian/copyright:
    - Update copyright.
Checksums-Sha1:
 24826e8671fd3d2ae2bad9550f3bf0dae9996b35 1721 dhcpcd5_7.0.8-0.1.dsc
 39445fac21200463ca5a08a261408c6abb9a263a 210752 dhcpcd5_7.0.8.orig.tar.xz
 e68d55878db5d701b2bef69e1f2f1c312f692dbf 5676 dhcpcd5_7.0.8-0.1.debian.tar.xz
 98ebfa05bded8280a87bfd2e5bc0da378a493af3 6119 dhcpcd5_7.0.8-0.1_source.buildinfo
Checksums-Sha256:
 c38d6be5bc6297bfac95ea826181412ccb7b393022f33a30f28d3d6938fc4ccc 1721 dhcpcd5_7.0.8-0.1.dsc
 96968e883369ab4afd11eba9dfd9bb109f5dfff65b2814ce6c432f36362dc9b5 210752 dhcpcd5_7.0.8.orig.tar.xz
 1281394e7683a837b1ffc50ec3e15bf48c93c8df96e9ea3cfab91e3007459651 5676 dhcpcd5_7.0.8-0.1.debian.tar.xz
 3a8de3df80a852900b8876c5d19d545e15483ef3ca7cfd8a291268615cfd86db 6119 dhcpcd5_7.0.8-0.1_source.buildinfo
Files:
 65dff75911eb8293c503a3352ee66287 1721 net optional dhcpcd5_7.0.8-0.1.dsc
 77bbb1d73b6f30d6ddcc8b0fd3eae266 210752 net optional dhcpcd5_7.0.8.orig.tar.xz
 6bc1bb8c2cf33624786fd2021cc30f0c 5676 net optional dhcpcd5_7.0.8-0.1.debian.tar.xz
 63e40189433d32b1e39edc6e23beb8f9 6119 net optional dhcpcd5_7.0.8-0.1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAlurgpoACgkQ808JdE6f
XdmuuhAApX8gssB+8RgDEKGRSoFNDTSri4bnitxQB9XFb0QCLCVi6gSwsEhXhO7e
ZBSbOJg9HCOpycotn1AzYSLD4dWAVApbUDj/vtzqMhXfV6j77IDYjFIFhwyeop3s
UWWxOZ5ZR3R8PY2UObzysGX75Twpwgns4pgxxKTT0FNXDMZ5qa/9xBPTJP8A+6mm
LJHL/7WW0KecMdypt7KjuGQaC6Sb4p+lLIPUaYV2QiEM+hkZu0Wyc8uLxNhW72Ow
hvJzsOsU4H666+2g1afki8KZbJ7zXqN1tr6A/EVprDG3aWlzouT16Oca82nrVUCA
t+Bu0taZpBkchYTiRAAl6lVFhYP+AZLrzvLTrENunbhU9jXuWV0tVTAmpIKXJsr3
reS7CmczTw2EKG99GowcyjUKMg3ERAp/c4H3QmVtwJr3bQlcLs8VBClHNOAcMQry
vv3rMJjOLk5ZvIf1Ry3ZqeTrXQISDIpKYFRm1YIVnplNHOa9KX0AfeQjpQhzEroc
yGbA209w+2KhfxsciCWphr9zbBMv/csGvKsep12l6GUBi7JEtTKOWaalAntyiJqZ
jn6xOXAA6SDB2tqSgN03TMIgrVLXktfZDkw4mjjorlQS23k6VyX3d60vEHnkDSFs
iRF/HM3SAvfHqCEwM/PaBII16S17vPNBrLTicQu37xarfxR3xvI=
=zazI
-----END PGP SIGNATURE-----






Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:11:12 2019; Machine Name: buxtehude
