Source: libnids
Severity: important
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libnids.

CVE-2010-1144[0]:
| A vulnerability has been reported in Libnids, which can be exploited by
| malicious people to cause a DoS (Denial of Service).
|
| The vulnerability is caused due to a NULL pointer dereference error in
| src/ip_fragment.c, which can be exploited to crash an application using the
| library by sending specially crafted network traffic.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry. I extracted the patch from the diff to the new version, attached.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1144
    http://security-tracker.debian.org/tracker/CVE-2010-1144

-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
--- libnids-1.23/src/ip_fragment.c 2008-02-21 11:30:47.000000000 +0100 +++ libnids-1.24/src/ip_fragment.c 2010-03-14 11:15:58.000000000 +0100 @@ -378,7 +379,7 @@ ip_evictor(void) { // fprintf(stderr, "ip_evict:numpack=%i\n", numpack); - while (this_host->ip_frag_mem > IPFRAG_LOW_THRESH) { + while (this_host && this_host->ip_frag_mem > IPFRAG_LOW_THRESH) { if (!this_host->ipqueue) panic("ip_evictor: memcount"); ip_free(this_host->ipqueue);
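Review bot: the new `this_host &&` guard in the `while` condition of ip_evictor() makes the function a silent no-op when this_host is NULL, and the hunk carries no comment saying when that state is expected. Please add a one-line comment above the loop stating why this_host can be NULL at this point, and confirm that whatever code decides to call ip_evictor() does not itself read this_host->ip_frag_mem without the same check. Separately, the unchanged `if (!this_host->ipqueue) panic("ip_evictor: memcount");` inside the loop still terminates the application, so it is worth confirming that this branch cannot be reached from received traffic, since the CVE is about crashing applications that use the library.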