[Bug 691345] Re: buffer overflow in tftp
This bug was fixed in the package netkit-tftp - 0.17-18ubuntu2 --- netkit-tftp (0.17-18ubuntu2) natty; urgency=low * tftp/tftp.c: fix FORTIFY-detected potential memory corruption (LP: #691345). -- Kees CookThu, 16 Dec 2010 18:14:49 -0800 ** Changed in: netkit-tftp (Ubuntu Natty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tftp-hpa in ubuntu. https://bugs.launchpad.net/bugs/691345 Title: buffer overflow in tftp -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 691345] Re: buffer overflow in tftp
** Changed in: netkit-tftp (Ubuntu Natty) Status: Confirmed => Fix Committed ** Changed in: netkit-tftp (Ubuntu Natty) Assignee: (unassigned) => Kees Cook (kees) ** Changed in: netkit-tftp (Ubuntu Natty) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tftp-hpa in ubuntu. https://bugs.launchpad.net/bugs/691345 Title: buffer overflow in tftp -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 691345] Re: buffer overflow in tftp
This bug was fixed in the package tftp-hpa - 5.0-18ubuntu2 --- tftp-hpa (5.0-18ubuntu2) natty; urgency=low * debian/patches/04-use-memcpy-for-header.patch: fix FORTIFY-detected potential memory corruption (LP: #691345). -- Kees CookThu, 16 Dec 2010 17:44:44 -0800 ** Changed in: tftp-hpa (Ubuntu Natty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tftp-hpa in ubuntu. https://bugs.launchpad.net/bugs/691345 Title: buffer overflow in tftp -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 691345] Re: buffer overflow in tftp
** Changed in: tftp-hpa (Ubuntu) Status: New => Fix Committed ** Changed in: tftp-hpa (Ubuntu) Assignee: (unassigned) => Kees Cook (kees) ** Changed in: tftp-hpa (Ubuntu) Importance: Undecided => Medium ** Changed in: netkit-tftp (Ubuntu) Status: New => Confirmed ** Also affects: netkit-tftp (Ubuntu Natty) Importance: Undecided Status: Confirmed ** Also affects: tftp-hpa (Ubuntu Natty) Importance: Medium Assignee: Kees Cook (kees) Status: Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tftp-hpa in ubuntu. https://bugs.launchpad.net/bugs/691345 Title: buffer overflow in tftp -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 691345] Re: buffer overflow
Crashes attached. ** Attachment added: "691345.txt" https://bugs.launchpad.net/ubuntu/+source/netkit-tftp/+bug/691345/+attachment/1768201/+files/691345.txt ** Summary changed: - buffer overflow + buffer overflow in tftp ** Description changed: Binary package hint: tftp-hpa I'm getting a buffer overflow from tftp in both tftp-hpa and tfp packages in Natty. I'll attach each below. Looks like something exposed by Natty's updated toolchain, as I'm not seeing this error in Maverick or Lucid. - --- + --- Architecture: amd64 DistroRelease: Ubuntu 11.04 EcryptfsInUse: Yes InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha amd64 (20101202) Package: tftp-hpa 5.0-18ubuntu1 PackageArchitecture: amd64 ProcEnviron: - LANGUAGE=en_US:en - PATH=(custom, user) - LANG=en_US.UTF-8 - LC_MESSAGES=en_US.utf8 - SHELL=/bin/bash + LANGUAGE=en_US:en + PATH=(custom, user) + LANG=en_US.UTF-8 + LC_MESSAGES=en_US.utf8 + SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.37-9.23-generic 2.6.37-rc5 Tags: natty Uname: Linux 2.6.37-9-generic x86_64 UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare + + + kirkl...@x201:~$ tftp dalmation + tftp> get cpuinfo + *** buffer overflow detected ***: tftp terminated + === Backtrace: = + /lib/libc.so.6(__fortify_fail+0x37)[0x7f5079977557] + /lib/libc.so.6(+0xfe410)[0x7f5079976410] + tftp[0x4015f1] + tftp[0x402065] + tftp[0x4036c9] + /lib/libc.so.6(__libc_start_main+0xfe)[0x7f5079896d8e] + tftp[0x4014d9] + === Memory map: + 0040-00406000 r-xp 08:01 6297104 /usr/bin/tftp + 00605000-00606000 r--p 5000 08:01 6297104 /usr/bin/tftp + 00606000-00607000 rw-p 6000 08:01 6297104 /usr/bin/tftp + 00607000-00627000 rw-p 00:00 0 + 0174d000-0176e000 rw-p 00:00 0 [heap] + 7f5078e33000-7f5078e48000 r-xp 08:01 3932219 /lib/libgcc_s.so.1 + 7f5078e48000-7f5079047000 ---p 00015000 08:01 3932219 /lib/libgcc_s.so.1 + 7f5079047000-7f5079048000 r--p 00014000 08:01 3932219 /lib/libgcc_s.so.1 + 7f5079048000-7f5079049000 rw-p 00015000 08:01 3932219 /lib/libgcc_s.so.1 + 7f5079049000-7f507905f000 r-xp 08:01 3932328 /lib/libresolv-2.12.1.so + 7f507905f000-7f507925e000 ---p 00016000 08:01 3932328 /lib/libresolv-2.12.1.so + 7f507925e000-7f507925f000 r--p 00015000 08:01 3932328 /lib/libresolv-2.12.1.so + 7f507925f000-7f507926 rw-p 00016000 08:01 3932328 /lib/libresolv-2.12.1.so + 7f507926-7f5079262000 rw-p 00:00 0 + 7f5079262000-7f5079267000 r-xp 08:01 3932280 /lib/libnss_dns-2.12.1.so + 7f5079267000-7f5079466000 ---p 5000 08:01 3932280 /lib/libnss_dns-2.12.1.so + 7f5079466000-7f5079467000 r--p 4000 08:01 3932280 /lib/libnss_dns-2.12.1.so + 7f5079467000-7f5079468000 rw-p 5000 08:01 3932280 /lib/libnss_dns-2.12.1.so + 7f5079468000-7f507946a000 r-xp 08:01 3932288 /lib/libnss_mdns4_minimal.so.2 + 7f507946a000-7f5079669000 ---p 2000 08:01 3932288 /lib/libnss_mdns4_minimal.so.2 + 7f5079669000-7f507966a000 r--p 1000 08:01 3932288 /lib/libnss_mdns4_minimal.so.2 + 7f507966a000-7f507966b000 rw-p 2000 08:01 3932288 /lib/libnss_mdns4_minimal.so.2 + 7f507966b000-7f5079677000 r-xp 08:01 3932282 /lib/libnss_files-2.12.1.so + 7f5079677000-7f5079876000 ---p c000 08:01 3932282 /lib/libnss_files-2.12.1.so + 7f5079876000-7f5079877000 r--p b000 08:01 3932282 /lib/libnss_files-2.12.1.so + 7f5079877000-7f5079878000 rw-p c000 08:01 3932282 /lib/libnss_files-2.12.1.so + 7f5079878000-7f50799f2000 r-xp 08:01 3932207 /lib/libc-2.12.1.so + 7f50799f2000-7f5079bf1000 ---p 0017a000 08:01 3932207 /lib/libc-2.12.1.so + 7f5079bf1000-7f5079bf5000 r--p 00179000 08:01 3932207 /lib/libc-2.12.1.so + 7f5079bf5000-7f5079bf6000 rw-p 0017d000 08:01 3932207 /lib/libc-2.12.1.so + 7f5079bf6000-7f5079bfb000 rw-p 00:00 0 + 7f5079bfb000-7f5079c1b000 r-xp 08:01 3932183 /lib/ld-2.12.1.so + 7f5079df8000-7f5079dfb000 rw-p 00:00 0 + 7f5079e16000-7f5079e1b000 rw-p 00:00 0 + 7f5079e1b000-7f5079e1c000 r--p 0002 08:01 3932183 /lib/ld-2.12.1.so + 7f5079e1c000-7f5079e1d000 rw-p 00021000 08:01 3932183 /lib/ld-2.12.1.so + 7f5079e1d000-7f5079e1e000 rw-p 00:00 0 + 7fffbc9fb000-7fffbca1d000 rw-p 00:00 0 [stack] + 7fffbcbcf000-7ff
[Bug 691345] Re: buffer overflow
apport information ** Tags added: apport-collected ** Description changed: Binary package hint: tftp-hpa I'm getting a buffer overflow from tftp in both tftp-hpa and tfp packages in Natty. I'll attach each below. - Looks like something exposed by Natty's updated toolchain, as I'm not - seeing this error in Maverick or Lucid. + Looks like something exposed by Natty's updated toolchain, as I'm not seeing this error in Maverick or Lucid. + --- + Architecture: amd64 + DistroRelease: Ubuntu 11.04 + EcryptfsInUse: Yes + InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha amd64 (20101202) + Package: tftp-hpa 5.0-18ubuntu1 + PackageArchitecture: amd64 + ProcEnviron: + LANGUAGE=en_US:en + PATH=(custom, user) + LANG=en_US.UTF-8 + LC_MESSAGES=en_US.utf8 + SHELL=/bin/bash + ProcVersionSignature: Ubuntu 2.6.37-9.23-generic 2.6.37-rc5 + Tags: natty + Uname: Linux 2.6.37-9-generic x86_64 + UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare ** Attachment added: "Dependencies.txt" https://bugs.edge.launchpad.net/bugs/691345/+attachment/1768199/+files/Dependencies.txt -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tftp-hpa in ubuntu. https://bugs.launchpad.net/bugs/691345 Title: buffer overflow in tftp -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
