From e2ffb589ed5fc2d775859ad0b1c45b0d389b961e Mon Sep 17 00:00:00 2001
From: zhenggen-xu
Date: Mon, 15 Oct 2018 15:01:39 -0700
Subject: [PATCH] [security] Fixes for DSA-4314-1 net-snmp (#2152)

CVE-case: https://security-tracker.debian.org/tracker/CVE-2018-18065
---
 ...-snmpd-crashes-when-receiving-a-GetN.patch | 36 +++++++++++++++++++
 src/snmpd/patch-5.7.3+dfsg/series | 1 +
 2 files changed, 37 insertions(+)
 create mode 100644 src/snmpd/patch-5.7.3+dfsg/0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch

diff --git a/src/snmpd/patch-5.7.3+dfsg/0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch b/src/snmpd/patch-5.7.3+dfsg/0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch
new file mode 100644
index 0000000000..cdf9b94be9
--- /dev/null
+++ b/src/snmpd/patch-5.7.3+dfsg/0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch
@@ -0,0 +1,36 @@
+From 2170e345858738e65d3156a49d3186e4a9288821 Mon Sep 17 00:00:00 2001
+From: Zhenggen Xu
+Date: Fri, 12 Oct 2018 17:13:54 -0700
+Subject: [PATCH] Subject: [PATCH] CHANGES: BUG: 2743: snmpd crashes when
+ receiving a GetNext PDU with multiple Varbinds
+
+skip out-of-range varbinds when calling next handler
+---
+ agent/helpers/table.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/agent/helpers/table.c b/agent/helpers/table.c
+index 882e84c..b943d6e 100644
+--- a/agent/helpers/table.c
++++ b/agent/helpers/table.c
+@@ -406,6 +406,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
+ if (reqinfo->mode == MODE_GET)
+ table_helper_cleanup(reqinfo, request,
+ SNMP_NOSUCHOBJECT);
++ else
++ request->processed = 1; /* skip if next handler called */
+ continue;
+ }
+
+@@ -483,6 +485,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
+ #endif /* NETSNMP_NO_WRITE_SUPPORT */
+ table_helper_cleanup(reqinfo, request,
+ SNMP_NOSUCHOBJECT);
++ else
++ request->processed = 1; /* skip if next handler called */
+ continue;
+ }
+ /*
+--
+2.18.0
+
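Review bot: In the second table.c hunk (`@@ -483,6 +485,8 @@`) the added `else` follows a braceless `table_helper_cleanup(...)` call that sits directly after `#endif /* NETSNMP_NO_WRITE_SUPPORT */`, so the `if` it pairs with is outside the hunk and appears to lie inside that preprocessor region. If so, a build with NETSNMP_NO_WRITE_SUPPORT defined would compile the `if` out and leave the `else` without its `if` (a compile error, or a silent binding to an enclosing `if`). This should be confirmed against the full function, and if it holds the two added lines can be wrapped in a matching `#ifndef NETSNMP_NO_WRITE_SUPPORT` / `#endif` pair. The embedded patch header also names no upstream net-snmp commit, so a line such as `Origin: <upstream-commit-URL>` would let the backport for the referenced CVE be checked against upstream. table_helper_handler begins and ends outside both hunks.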
diff --git a/src/snmpd/patch-5.7.3+dfsg/series b/src/snmpd/patch-5.7.3+dfsg/series
index 6da32966e7..edc25f4890 100644
--- a/src/snmpd/patch-5.7.3+dfsg/series
+++ b/src/snmpd/patch-5.7.3+dfsg/series
@@ -1,2 +1,3 @@
 0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch
 0002-at.c-properly-check-return-status-from-realloc.-Than.patch
+0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch