Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with SecurityLevel None and with empty AuthFile options) via a crafted UDP packet.
Weakness
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Collectd | Collectd | * | 5.7.1 (including) |
| Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | collectd-0:5.7.2-3.1.el7rhgs | * |
| Red Hat OpenStack Platform 11.0 Operational Tools for RHEL 7 | RedHat | collectd-0:5.7.2-1.1.el7ost | * |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | RedHat | collectd-0:5.7.1-4.el7 | * |
| Red Hat Virtualization Engine 4.1 | RedHat | collectd-0:5.7.1-4.el7 | * |
| Collectd | Ubuntu | artful | * |
| Collectd | Ubuntu | esm-apps/xenial | * |
| Collectd | Ubuntu | esm-infra-legacy/trusty | * |
| Collectd | Ubuntu | precise | * |
| Collectd | Ubuntu | trusty | * |
| Collectd | Ubuntu | trusty/esm | * |
| Collectd | Ubuntu | upstream | * |
| Collectd | Ubuntu | xenial | * |
| Collectd | Ubuntu | yakkety | * |
| Collectd | Ubuntu | zesty | * |
References
- http://www.securityfocus.com/bid/97321
- https://access.redhat.com/errata/RHSA-2017:1285
- https://access.redhat.com/errata/RHSA-2017:1787
- https://access.redhat.com/errata/RHSA-2018:2615
- https://github.com/collectd/collectd/issues/2174
- http://www.securityfocus.com/bid/97321
- https://access.redhat.com/errata/RHSA-2017:1285
- https://access.redhat.com/errata/RHSA-2017:1787
- https://access.redhat.com/errata/RHSA-2018:2615
- https://github.com/collectd/collectd/issues/2174