Discussion:
CVE-2018-19591: glibc if_nametoindex may not close descriptor
(too old to reply)
Florian Weimer
2018-11-27 21:04:31 UTC
Permalink
Guido Vranken reported that the glibc implementation of if_nametoindex
would not close an internal descriptor when processing a long interface
name. This error condition can be triggered via the getaddrinfo
function (and at least one HTTP client library).

<https://sourceware.org/bugzilla/show_bug.cgi?id=23927>

Fixed with this upstream commit:

commit d527c860f5a3f0ed687bd03f0cb464612dc23408
Author: Florian Weimer <***@redhat.com>
Date: Tue Nov 27 16:12:43 2018 +0100

CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

The vulnerability was introduced in commit
2180fee114b778515b3f560e5ff1e795282e60b0 ("Check length of ifname before
copying it into to ifreq structure."), fixing bug 22442 for glibc 2.27.
Since this addressed a compiler warning with GCC 8, this commit was
backported to quite a few release branches.

Thanks,
Florian

Loading...