Possible DoS with fork in socat (CVE-2015-1379)

Bug #1510520 reported by Malte S. Stretz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
socat (Ubuntu) | Expired | Undecided | Unassigned |

Bug Description

Trusty ships socat 1.7.2.3-1, which was last patched for CVE-2014-0019. There is a new(er) CVE-2015-1379 which affects all versions 1.7.2.4 and before; for details, see below.

Even though it is rated Low, IMO version 1.7.3.0-1 should be backported from Wily to fix this issue.

----8<---- http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt ----

Socat security advisory 6 - Possible DoS with fork

Overview
  socat's signal handler implementations are not async-signal-safe and can cause
  crash or freeze of socat processes

Vulnerability Id: CVE-2015-1379

Severity: Low

Details
  Socat's signal handler implementations are not async-signal-safe. When a signal
  is triggered while the process is within a non async-signal-safe function the
  signal handler will call a non async-signal-safe function too. POSIX specifies
  the behaviour in this situation as undefined. Depending on involved functions,
  libraries, and operating system, the process can continue, freeze, or crash.
  Mostly this issue occurs when socat is in listening mode with fork option and
  a couple of child processes terminate at the same time.

Testcase
  none

Affected versions
  1.0.0.0 - 1.7.2.4
  2.0.0-b1 - 2.0.0-b7

Not affected or corrected versions
  1.7.3.0 and later
  2.0.0-b8 and later

Workaround
  none

Download
  The updated sources can be downloaded from:

    http://www.dest-unreach.org/socat/download/socat-1.7.3.0.tar.gz
    http://www.dest-unreach.org/socat/download/socat-2.0.0-b8.tar.gz

Credits
   Credits to Peter Lobsinger

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: socat 1.7.2.3-1
ProcVersionSignature: Ubuntu 3.19.0-31.36~14.04.1-generic 3.19.8-ckt7
Uname: Linux 3.19.0-31-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.16
Architecture: amd64
CurrentDesktop: KDE
Date: Tue Oct 27 13:22:17 2015
InstallationDate: Installed on 2012-01-06 (1390 days ago)
InstallationMedia: Kubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111011)
SourcePackage: socat
UpgradeStatus: Upgraded to trusty on 2014-08-16 (436 days ago)
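
The advisory's "Details" section describes handlers that call non-async-signal-safe functions while children of a forking listener exit together. The C sketch below is an added example, not socat's code and not the upstream fix: it shows the usual defensive pattern in which the SIGCHLD handler only sets a flag and all reaping and logging happen in normal context. The names on_sigchld, reap_children and spawn_and_reap are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t got_sigchld;

/* Handler does only async-signal-safe work: it sets a flag.
 * No stdio, malloc, or logging calls here. */
static void on_sigchld(int signo) { (void)signo; got_sigchld = 1; }

/* Reap every exited child from normal context, where any function is allowed. */
static int reap_children(void) {
    int reaped = 0, status;
    pid_t pid;
    while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
        fprintf(stderr, "child %ld exited\n", (long)pid); /* safe here, not in the handler */
        reaped++;
    }
    return reaped;
}

/* Fork n children that terminate at about the same time; return how many were reaped. */
int spawn_and_reap(int n) {
    struct sigaction sa = {0};
    sigset_t block, old, waitmask;
    int reaped = 0;

    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    if (sigaction(SIGCHLD, &sa, NULL) < 0) return -1;

    /* Block SIGCHLD so the flag check and the wait cannot race. */
    sigemptyset(&block);
    sigaddset(&block, SIGCHLD);
    sigprocmask(SIG_BLOCK, &block, &old);
    waitmask = old;
    sigdelset(&waitmask, SIGCHLD);

    for (int i = 0; i < n; i++) {
        pid_t pid = fork();
        if (pid < 0) { n = i; break; }   /* only wait for children that exist */
        if (pid == 0) _exit(0);          /* child: exit immediately */
    }
    while (reaped < n) {
        while (!got_sigchld) sigsuspend(&waitmask); /* atomically unblock and wait */
        got_sigchld = 0;
        reaped += reap_children();       /* several exits may share one signal */
    }
    sigprocmask(SIG_SETMASK, &old, NULL);
    return reaped;
}

int main(void) { return spawn_and_reap(8) == 8 ? 0 : 1; }
```

Because pending SIGCHLD signals coalesce, the reaping loop calls waitpid until it returns no more children rather than assuming one child per signal.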

Malte S. Stretz (mss) wrote :
Marc Deslauriers (mdeslaur) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Changed in socat (Ubuntu):
status: New → Incomplete
information type: Private Security → Public Security
Launchpad Janitor (janitor) wrote :

[Expired for socat (Ubuntu) because there has been no activity for 60 days.]

Changed in socat (Ubuntu):
status: Incomplete → Expired