oss-sec mailing list archives

CVE Request -- Corosync (X < 2.0.3): Remote DoS due improper HMAC initialization and improper junk filtering when different encryption keys used
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 1 Feb 2013 11:26:52 -0500 (EST)

Hello Kurt, Steve, vendors,

  Corosync upstream has recently released version 2.0.3, correcting
one security issue:

A denial of service flaw was found in the way Corosync,
the cluster engine and application programming interfaces,
performed processing of certain network packets, when different
encryption keys were used. Previously the HMAC key was not initialized
properly, which allowed certain packets to pass through to the internal
phases of the Corosync packet validation process, possibly leading
to a corosync daemon crash.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=906834
[2] http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097833.html
[3] http://lwn.net/Vulnerabilities/535234/
[4] https://bugs.mageia.org/show_bug.cgi?id=8905

The HMAC initialization has been corrected in upstream via:
[5] https://github.com/corosync/corosync/commit/b3f456a8ceefac6e9f2e9acc2ea0c159d412b595

but there might be more changes needed (Cc-in Fabio and Jan).

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
