kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]

Related Vulnerabilities: CVE-2016-1882   CVE-2016-1879   CVE-2016-1880   CVE-2016-1881  

Debian Bug report logs - #811280

Reported by: Steven Chamberlain <steven@pyro.eu.org>

Date: Sun, 17 Jan 2016 15:57:02 UTC

Severity: grave

Tags: security, upstream

Found in versions kfreebsd-10/10.1~svn274115-4+kbsd8u1, kfreebsd-10/10.1~svn274115-10

Fixed in versions kfreebsd-10/10.3~svn296373-1, kfreebsd-10/10.1~svn274115-4+kbsd8u2

Done: Steven Chamberlain <steven@pyro.eu.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#811280; Package src:kfreebsd-10. (Sun, 17 Jan 2016 15:57:06 GMT).


Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>:
New Bug report received and forwarded. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Sun, 17 Jan 2016 15:57:06 GMT).


Message #5 received at submit@bugs.debian.org:

From: Steven Chamberlain <steven@pyro.eu.org>
To: submit@bugs.debian.org
Subject: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
Date: Sun, 17 Jan 2016 15:54:45 +0000
Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u1
Severity: grave
Tags: security upstream
Control: found -1 10.1~svn274115-10

kfreebsd's TCP stack is vulnerable to local (and possibly remote under
extreme conditions) denial of service (kernel panic).

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:05.tcp.asc

This affects kfreebsd-10, and also kfreebsd-9 in wheezy.



Marked as found in versions kfreebsd-10/10.1~svn274115-10. Request was from Steven Chamberlain <steven@pyro.eu.org> to submit@bugs.debian.org. (Sun, 17 Jan 2016 15:57:06 GMT).


Reply sent to Steven Chamberlain <steven@pyro.eu.org>:
You have taken responsibility. (Tue, 19 Jan 2016 01:42:28 GMT).


Notification sent to Steven Chamberlain <steven@pyro.eu.org>:
Bug acknowledged by developer. (Tue, 19 Jan 2016 01:42:29 GMT).


Message #12 received at 811280-close@bugs.debian.org:

From: Steven Chamberlain <steven@pyro.eu.org>
To: 811280-close@bugs.debian.org
Subject: Bug#811280: fixed in kfreebsd-10 10.1~svn274115-4+kbsd8u2
Date: Tue, 19 Jan 2016 01:34:20 +0000
Source: kfreebsd-10
Source-Version: 10.1~svn274115-4+kbsd8u2

We believe that the bug you reported is fixed in the latest version of
kfreebsd-10, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 811280@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steven Chamberlain <steven@pyro.eu.org> (supplier of updated kfreebsd-10 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 18 Jan 2016 02:35:16 +0000
Source: kfreebsd-10
Binary: kfreebsd-source-10.1 kfreebsd-headers-10.1-0 kfreebsd-image-10.1-0-amd64 kfreebsd-image-10-amd64 kfreebsd-headers-10.1-0-amd64 kfreebsd-headers-10-amd64 kernel-image-10.1-0-amd64-di nic-modules-10.1-0-amd64-di nic-wireless-modules-10.1-0-amd64-di nic-shared-modules-10.1-0-amd64-di serial-modules-10.1-0-amd64-di usb-serial-modules-10.1-0-amd64-di ppp-modules-10.1-0-amd64-di cdrom-modules-10.1-0-amd64-di scsi-core-modules-10.1-0-amd64-di scsi-modules-10.1-0-amd64-di scsi-extra-modules-10.1-0-amd64-di plip-modules-10.1-0-amd64-di floppy-modules-10.1-0-amd64-di loop-modules-10.1-0-amd64-di ipv6-modules-10.1-0-amd64-di nls-core-modules-10.1-0-amd64-di ext2-modules-10.1-0-amd64-di isofs-modules-10.1-0-amd64-di reiserfs-modules-10.1-0-amd64-di fat-modules-10.1-0-amd64-di zfs-modules-10.1-0-amd64-di nfs-modules-10.1-0-amd64-di nullfs-modules-10.1-0-amd64-di md-modules-10.1-0-amd64-di parport-modules-10.1-0-amd64-di nic-usb-modules-10.1-0-amd64-di
 sata-modules-10.1-0-amd64-di acpi-modules-10.1-0-amd64-di i2c-modules-10.1-0-amd64-di crypto-modules-10.1-0-amd64-di crypto-dm-modules-10.1-0-amd64-di mmc-core-modules-10.1-0-amd64-di mmc-modules-10.1-0-amd64-di sound-modules-10.1-0-amd64-di zlib-modules-10.1-0-amd64-di kfreebsd-image-10.1-0-486 kfreebsd-image-10-486 kfreebsd-headers-10.1-0-486 kfreebsd-headers-10-486 kfreebsd-image-10.1-0-686 kfreebsd-image-10-686 kfreebsd-headers-10.1-0-686 kfreebsd-headers-10-686 kfreebsd-image-10.1-0-xen kfreebsd-image-10-xen kfreebsd-headers-10.1-0-xen kfreebsd-headers-10-xen kernel-image-10.1-0-486-di nic-modules-10.1-0-486-di nic-wireless-modules-10.1-0-486-di nic-shared-modules-10.1-0-486-di serial-modules-10.1-0-486-di usb-serial-modules-10.1-0-486-di ppp-modules-10.1-0-486-di cdrom-modules-10.1-0-486-di scsi-core-modules-10.1-0-486-di scsi-modules-10.1-0-486-di scsi-extra-modules-10.1-0-486-di plip-modules-10.1-0-486-di floppy-modules-10.1-0-486-di
 loop-modules-10.1-0-486-di ipv6-modules-10.1-0-486-di nls-core-modules-10.1-0-486-di ext2-modules-10.1-0-486-di isofs-modules-10.1-0-486-di reiserfs-modules-10.1-0-486-di fat-modules-10.1-0-486-di zfs-modules-10.1-0-486-di nfs-modules-10.1-0-486-di nullfs-modules-10.1-0-486-di md-modules-10.1-0-486-di parport-modules-10.1-0-486-di nic-usb-modules-10.1-0-486-di sata-modules-10.1-0-486-di acpi-modules-10.1-0-486-di i2c-modules-10.1-0-486-di crypto-modules-10.1-0-486-di crypto-dm-modules-10.1-0-486-di mmc-core-modules-10.1-0-486-di mmc-modules-10.1-0-486-di sound-modules-10.1-0-486-di
 zlib-modules-10.1-0-486-di
Architecture: source all
Version: 10.1~svn274115-4+kbsd8u2
Distribution: jessie-kfreebsd
Urgency: high
Maintainer: GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>
Changed-By: Steven Chamberlain <steven@pyro.eu.org>
Description:
 acpi-modules-10.1-0-486-di - ACPI support modules (udeb)
 acpi-modules-10.1-0-amd64-di - ACPI support modules (udeb)
 cdrom-modules-10.1-0-486-di - Esoteric CDROM drivers (udeb)
 cdrom-modules-10.1-0-amd64-di - Esoteric CDROM drivers (udeb)
 crypto-dm-modules-10.1-0-486-di - devicemapper crypto module (udeb)
 crypto-dm-modules-10.1-0-amd64-di - devicemapper crypto module (udeb)
 crypto-modules-10.1-0-486-di - crypto modules (udeb)
 crypto-modules-10.1-0-amd64-di - crypto modules (udeb)
 ext2-modules-10.1-0-486-di - EXT2 filesystem support (udeb)
 ext2-modules-10.1-0-amd64-di - EXT2 filesystem support (udeb)
 fat-modules-10.1-0-486-di - FAT filesystem support (udeb)
 fat-modules-10.1-0-amd64-di - FAT filesystem support (udeb)
 floppy-modules-10.1-0-486-di - Floppy driver (udeb)
 floppy-modules-10.1-0-amd64-di - Floppy driver (udeb)
 i2c-modules-10.1-0-486-di - i2c support modules (udeb)
 i2c-modules-10.1-0-amd64-di - i2c support modules (udeb)
 ipv6-modules-10.1-0-486-di - IPv6 driver (udeb)
 ipv6-modules-10.1-0-amd64-di - IPv6 driver (udeb)
 isofs-modules-10.1-0-486-di - ISOFS filesystem support (udeb)
 isofs-modules-10.1-0-amd64-di - ISOFS filesystem support (udeb)
 kernel-image-10.1-0-486-di - kFreeBSD binary image for the Debian installer (udeb)
 kernel-image-10.1-0-amd64-di - kFreeBSD binary image for the Debian installer (udeb)
 kfreebsd-headers-10-486 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-686 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-amd64 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-xen - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10.1-0 - Common architecture-specific header files for kernel of FreeBSD 1
 kfreebsd-headers-10.1-0-486 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-686 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-amd64 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-xen - header files for kernel of FreeBSD 10.1
 kfreebsd-image-10-486 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-686 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-amd64 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-xen - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10.1-0-486 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-686 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-amd64 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-xen - kernel of FreeBSD 10.1 image
 kfreebsd-source-10.1 - source code for kernel of FreeBSD 10.1 with Debian patches
 loop-modules-10.1-0-486-di - Loopback filesystem support (udeb)
 loop-modules-10.1-0-amd64-di - Loopback filesystem support (udeb)
 md-modules-10.1-0-486-di - RAID and LVM support (udeb)
 md-modules-10.1-0-amd64-di - RAID and LVM support (udeb)
 mmc-core-modules-10.1-0-486-di - MMC/SD/SDIO core modules (udeb)
 mmc-core-modules-10.1-0-amd64-di - MMC/SD/SDIO core modules (udeb)
 mmc-modules-10.1-0-486-di - MMC/SD card modules (udeb)
 mmc-modules-10.1-0-amd64-di - MMC/SD card modules (udeb)
 nfs-modules-10.1-0-486-di - NFS filesystem support (udeb)
 nfs-modules-10.1-0-amd64-di - NFS filesystem support (udeb)
 nic-modules-10.1-0-486-di - Common NIC drivers (udeb)
 nic-modules-10.1-0-amd64-di - Common NIC drivers (udeb)
 nic-shared-modules-10.1-0-486-di - Shared NIC drivers (udeb)
 nic-shared-modules-10.1-0-amd64-di - Shared NIC drivers (udeb)
 nic-usb-modules-10.1-0-486-di - USB NIC drivers (udeb)
 nic-usb-modules-10.1-0-amd64-di - USB NIC drivers (udeb)
 nic-wireless-modules-10.1-0-486-di - Wireless NIC drivers (udeb)
 nic-wireless-modules-10.1-0-amd64-di - Wireless NIC drivers (udeb)
 nls-core-modules-10.1-0-486-di - Core NLS support (udeb)
 nls-core-modules-10.1-0-amd64-di - Core NLS support (udeb)
 nullfs-modules-10.1-0-486-di - nullfs filesystem support (udeb)
 nullfs-modules-10.1-0-amd64-di - nullfs filesystem support (udeb)
 parport-modules-10.1-0-486-di - Parallel port support (udeb)
 parport-modules-10.1-0-amd64-di - Parallel port support (udeb)
 plip-modules-10.1-0-486-di - PLIP drivers (udeb)
 plip-modules-10.1-0-amd64-di - PLIP drivers (udeb)
 ppp-modules-10.1-0-486-di - PPP drivers (udeb)
 ppp-modules-10.1-0-amd64-di - PPP drivers (udeb)
 reiserfs-modules-10.1-0-486-di - Reiser filesystem support (udeb)
 reiserfs-modules-10.1-0-amd64-di - Reiser filesystem support (udeb)
 sata-modules-10.1-0-486-di - SATA drivers (udeb)
 sata-modules-10.1-0-amd64-di - SATA drivers (udeb)
 scsi-core-modules-10.1-0-486-di - Core SCSI subsystem (udeb)
 scsi-core-modules-10.1-0-amd64-di - Core SCSI subsystem (udeb)
 scsi-extra-modules-10.1-0-486-di - Uncommon SCSI drivers (udeb)
 scsi-extra-modules-10.1-0-amd64-di - Uncommon SCSI drivers (udeb)
 scsi-modules-10.1-0-486-di - SCSI drivers (udeb)
 scsi-modules-10.1-0-amd64-di - SCSI drivers (udeb)
 serial-modules-10.1-0-486-di - Serial drivers (udeb)
 serial-modules-10.1-0-amd64-di - Serial drivers (udeb)
 sound-modules-10.1-0-486-di - sound support (udeb)
 sound-modules-10.1-0-amd64-di - sound support (udeb)
 usb-serial-modules-10.1-0-486-di - USB serial drivers (udeb)
 usb-serial-modules-10.1-0-amd64-di - USB serial drivers (udeb)
 zfs-modules-10.1-0-486-di - ZFS filesystem support (udeb)
 zfs-modules-10.1-0-amd64-di - ZFS filesystem support (udeb)
 zlib-modules-10.1-0-486-di - zlib modules (udeb)
 zlib-modules-10.1-0-amd64-di - zlib modules (udeb)
Closes: 811277 811278 811279 811280 811282
Changes:
 kfreebsd-10 (10.1~svn274115-4+kbsd8u2) jessie-kfreebsd; urgency=high
 .
   * Pick SVN r293894 from FreeBSD 10.1-RELEASE:
     - EN-16:02: Fix invalid TCP checksums with pf(4). (Closes: #811282)
     - SA-16:01: Fix SCTP ICMPv6 error message vulnerability.
       (CVE-2016-1879) (Closes: #811277)
     - SA-16:03: Fix Linux compatibility layer incorrect futex handling.
       (CVE-2016-1880) (Closes: #811278)
     - SA-16:04: Fix Linux compatibility layer setgroups(2) system call.
       (CVE-2016-1881) (Closes: #811279)
     - SA-16:05: Fix TCP MD5 signature denial of service.
       (CVE-2016-1882) (Closes: #811280)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 05 Dec 2016 11:04:22 GMT).


Bug unarchived. Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Wed, 07 Dec 2016 01:45:11 GMT).


Marked as fixed in versions kfreebsd-10/10.3~svn296373-1. Request was from Steven Chamberlain <steven@pyro.eu.org> to control@bugs.debian.org. (Sun, 08 Jan 2017 19:57:07 GMT).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 06 Feb 2017 07:28:12 GMT).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:42:34 2019; Machine Name: buxtehude
