Possible DoS with fork in socat (CVE-2015-1379)
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
socat (Ubuntu) | Expired | Undecided | Unassigned |
Bug Description
Trusty ships socat 1.7.2.3-1, which was last patched for CVE-2014-0019. There is a new(er) CVE-2015-1379 which affects all versions 1.7.2.4 and before; see details below.
Even though it is rated Low, IMO version 1.7.3.0-1 should be backported from Wily to fix this issue.
----8<---- http://
Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can cause
crash or freeze of socat processes
Vulnerability Id: CVE-2015-1379
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a signal
is triggered while the process is within a non async-signal-safe function the
signal handler will call a non async-signal-safe function too. POSIX specifies
the behaviour in this situation as undefined. Depending on involved functions,
libraries, and operating system, the process can continue, freeze, or crash.
Mostly this issue occurs when socat is in listening mode with fork option and
a couple of child processes terminate at the same time.
Testcase
none
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 and later
Workaround
none
Download
The updated sources can be downloaded from:
http://
http://
Credits
Credits to Peter Lobsinger
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: socat 1.7.2.3-1
ProcVersionSign
Uname: Linux 3.19.0-31-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.16
Architecture: amd64
CurrentDesktop: KDE
Date: Tue Oct 27 13:22:17 2015
InstallationDate: Installed on 2012-01-06 (1390 days ago)
InstallationMedia: Kubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111011)
SourcePackage: socat
UpgradeStatus: Upgraded to trusty on 2014-08-16 (436 days ago)
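The bug class the advisory describes, as an added C illustration (not socat's code and not part of the advisory or this report): a SIGCHLD handler that calls a non-async-signal-safe function, next to a handler restricted to async-signal-safe calls, exercised by a parent whose forked children all terminate together. The names `sigchld_unsafe`, `sigchld_safe` and `spawn_and_reap` are hypothetical, and the unsafe handler is a generic instance of the pattern, not what socat's handlers contained.

```c
#define _POSIX_C_SOURCE 200809L  /* expose sigaction() under strict -std=c11 */
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t reaped;  /* only state the safe handler touches */

/* UNSAFE (generic illustration, never installed): stdio takes locks and may
 * allocate, so running this while the main flow is inside stdio or malloc
 * is undefined behaviour under POSIX. */
void sigchld_unsafe(int sig) {
    fprintf(stderr, "child %d exited (signal %d)\n", (int)wait(NULL), sig);
}

/* SAFE: only waitpid(), which POSIX lists as async-signal-safe, plus a
 * sig_atomic_t counter; errno is saved and restored. */
void sigchld_safe(int sig) {
    int saved_errno = errno;
    (void)sig;
    while (waitpid(-1, NULL, WNOHANG) > 0)  /* one SIGCHLD may cover many exits */
        reaped++;
    errno = saved_errno;
}

/* Fork n children that exit at nearly the same time; return how many were reaped. */
int spawn_and_reap(int n) {
    struct sigaction sa = { .sa_handler = sigchld_safe, .sa_flags = SA_RESTART };
    sigset_t block, old, waitmask;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGCHLD, &sa, NULL) != 0) return -1;
    reaped = 0;
    sigemptyset(&block);
    sigaddset(&block, SIGCHLD);
    sigprocmask(SIG_BLOCK, &block, &old);  /* no handler runs between check and wait */
    waitmask = old;
    sigdelset(&waitmask, SIGCHLD);
    for (int i = 0; i < n; i++) {
        pid_t pid = fork();
        if (pid == 0) _exit(0);            /* child: terminate immediately */
        if (pid < 0) { n = i; break; }     /* wait only for children that started */
    }
    while (reaped < n)
        sigsuspend(&waitmask);             /* atomically unblock SIGCHLD and sleep */
    sigprocmask(SIG_SETMASK, &old, NULL);
    return reaped;
}

int main(void) { printf("reaped %d children\n", spawn_and_reap(8)); return 0; }
```

Any logging or cleanup that needs stdio or the allocator belongs in the main loop, driven by the counter the handler updates.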
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures