Date: Fri, 18 Oct 2013 22:35:31 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/16/2013 03:49 PM, Vincent Danen wrote: > The following was reported to us, but has already been reported > publicly upstream. Could a CVE be assigned to it? > > It was discovered that OpenLDAP, with the rwm overlay to slapd, > could segfault if a user were able to query the directory and > immediately unbind from the server. This seems to be due to the > rwm overlay not doing reference counting properly, so > rwm_conn_destroy frees the session context while rwm_op_search is > using it. This condition also seems to require multiple cores/CPUs > to trigger. > > > References: > > http://www.openldap.org/its/index.cgi/Incoming?id=7723 > https://bugzilla.redhat.com/show_bug.cgi?id=1019490 > > This is currently not fixed upstream. > Please use CVE-2013-4449 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBAgAGBQJSYgwTAAoJEBYNRVNeJnmTT6AP/R28qsuwa1PEK9gwGsQCN0h7 wScSfy1biQ9EVz/HkgXNHTUBiogAKRAbKX42/FWMjBzt0p5NUW1zRCJdcWfXOPZ7 dfqHPsB7XV+gAsZZNydS3AqGFqiKgTY9VBZn26V2q+RKnStfFyKnBpZJxMoYtzxS dfse3qLREGIPwH1ljpOEaW0hpGIEnpiAoDU1kRCG2bg2GH1Wx8T7OjjcvVGGW38o yNF0g9AYgJoLiWLxYagOjqNJeDRG6Jiu015p40Ta3AG5wrJfpx2xlW+0/PXOu+Vv 8o96LwqAtu9WO0kmAZaSF7vBcOApBceoyMHf+478Um6ZIhKhozUMpVw6QeHl6l77 saoD8rp01vrgjttKtWym/cdQM/khedTuT9JFvcHkWgKIMjd8tFp0fF+ExMMpbYt+ 51Gnwrh8DZ0z4FIne9dib8vxbTkyscGGuhrlj3jmCYYd3b1E24+WpVfRkbLe9aVG kj3ubTngaaKdlSPxoYI9qHVVnGswc57Y6WI3ZX8wgg9FLyyfmBMVc7+wINzsgIFN i862DdNtz7B5fASLDEQGYUihcKRe+/bmiuZCHfixCiu8Hdb/3sSFr+edS+yo8AkL H6xgwe7p4DKM4QIDAymT5zRbdntAWhcGhXFbk63y1tliChvHm+5sOz4QPw9qeKQb 9sYVfzINsHtXegCKGrvZ =NzM8 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.