git: fe2d179712 - main - Update FreeBSD-SA-20:32.rtsold to include additional CVE.
Gordon Tetlow
gordon at FreeBSD.org
Mon Mar 29 18:58:31 UTC 2021
The branch main has been updated by gordon (src committer):
URL: https://cgit.FreeBSD.org/doc/commit/?id=fe2d179712770d39af278fa1618cdcf8774b673d
commit fe2d179712770d39af278fa1618cdcf8774b673d
Author: Gordon Tetlow <gordon at FreeBSD.org>
AuthorDate: 2021-03-29 18:55:45 +0000
Commit: Gordon Tetlow <gordon at FreeBSD.org>
CommitDate: 2021-03-29 18:58:16 +0000
Update FreeBSD-SA-20:32.rtsold to include additional CVE.
Approved by: so
---
.../advisories/FreeBSD-SA-20:32.rtsold.asc | 40 ++++++++++++----------
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/website/static/security/advisories/FreeBSD-SA-20:32.rtsold.asc b/website/static/security/advisories/FreeBSD-SA-20:32.rtsold.asc
index c80dc2664d..83f1111643 100644
--- a/website/static/security/advisories/FreeBSD-SA-20:32.rtsold.asc
+++ b/website/static/security/advisories/FreeBSD-SA-20:32.rtsold.asc
@@ -17,12 +17,16 @@ Corrected: 2020-12-01 19:35:48 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:39:44 UTC (releng/12.1, 12.1-RELEASE-p11)
2020-12-01 19:36:37 UTC (stable/11, 11.4-STABLE)
2020-12-01 19:39:44 UTC (releng/11.4, 11.4-RELEASE-p5)
-CVE Name: CVE-2020-25577
+CVE Name: CVE-2020-25577, CVE-2020-25583
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
+0. Revision History
+v1.0 2020-12-01 Initial release.
+v1.1 2020-03-29 Allocate additional CVE.
+
I. Background
As part of the stateless address autoconfiguration (SLAAC) mechanism, IPv6
@@ -47,12 +51,12 @@ rtsold(8) failed to perform sufficient bounds checking on the extent of the
option. In particular, it does not verify that the option does not extend
past the end of the received packet before processing its contents. The
kernel currently ignores such malformed packets but still passes them to
-userspace programs.
+userspace programs. [CVE-2020-25577]
Second, when processing a DNSSL option, rtsold(8) decodes domain name labels
per an encoding specified in RFC 1035 in which the first octet of each label
contains the label's length. rtsold(8) did not validate label lengths
-correctly and could overflow the destination buffer.
+correctly and could overflow the destination buffer. [CVE-2020-25583]
III. Impact
@@ -134,23 +138,23 @@ VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25577>
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25583>
+
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-20:32.rtsold.asc>
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl/GndZfFIAAAAAALgAo
-aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
-MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cIUXQ/+K/FAB22beBBiOUDaRMF0n4a/umwvwX2BAy7PsLIzRcYL8ydhvTWPXQnU
-KssmRoi0eobczpIYgIqTDNDTI46UErEvfoCBTIiY+uedER77FKxesfnO/9S3owvh
-8uP+WCMzZXRfNvIYqEsK43ipm3LL4rDfUNLEdeFj0bLlwEwiTJaXsdLayJ3KpanN
-A3ykePDXnQD41BcDcotvzSV6r7o5dbCILI4K4zEOSCAXBP1Du16J/K/aHOWahJ20
-Ex6YFg0llH3VkAVE9iGdHLGFqakjobUhm+LzV9ShAkXZqZs3Hx+p8dfM4w7aicCM
-f6Nn0rLlb4ZdSmMnbsexoZZwO0v2dQNHd1EEtQD6zjJfey1auJKJLTcLoWXH+3mm
-w5eOjjmqdOkab0h224q8jidhgyUm1c8By5H5aZ79y5SpRG0mfuS82Z6uIAf0KKZ3
-uIzPswc0YtI30M638ZCKCug3gxwZu4EG7P08/Ab4B0fpyfqqLy6KVsMdH6w64R6+
-64twgiVPuM3DpokvTfdcQLp13IHeMJwkpdc/SICyg3NDAFJZMcIe6eqjko5FsNnH
-RSjA0SHRKyl303OLR+jUHe64m+LISyNne+fC1VoThbqQ1f5nWX9PlF4VjRu30Wz4
-8VcmRCehMT1G1aIEGG74zKDeWDP6+bGeieBU7Pa/jfr/aI88Hw0=
-=5tIC
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmBiFPkACgkQ05eS9J6n
+5cKGWhAAjFZJ+ig3fyy23JYbyYp/+18dkdJmfkxkxO8jwguYnA7/rhmSDHp0BA6P
+XvGRxt6+zfyU2AwlFrS4ZQ5yu5IgUtRO2iEWikw185ym0nrgj5BGhdmQ7OBrI4XL
+foHyth5aTD/1OaizT0OWR5CPSo0Hzm6ZDCuSAV0sPMyFPFiUviKt2UiLfn9caZpA
+lNg1lzkfQFMWk6Dpz5v7EfeXRkx7QFlaoUxV5Vu2pgAmVWMaxqqjzmGlHWpFTJU5
+S0aJ+ikbDJyzUkodRmgjO2XQsf1RGq7IsOryE1Srhui59EPjHKfo9O8HqIGt/92Q
+6l1qt4n96whoNh21pvzOlix8lFICgRaybT8itdvREMjA7WvFrjCBCVIHIOuW0QXN
+RpByBM3IfF3JaBFb5Hww9LIBa+PoxbJ4oR8tFQb5g0omWvyqbjReD8IldPQisIbz
+o7tOxeeF3JXVvH7yYVZOX6vFeQDnxs35JgB46kYSWhOu9xfuJgi6MsYhvHzdntg3
+Yt+sCd3fjeUf8Wk6QPpgwmYGVJuZstpJlL7J0G76kSl9T8vMDIaFrl21YwVh/bHt
+omKr1hlztNW97hGI2xg1nquAB82MtmAEqAmTJrjslPULCctMl8zv0OrqBmHbFIUE
+EicW1izPJm8C4uRiwK/PqSPcmKH7HwhBxR5LjZS5yBl8Y2AU2XE=
+=JlJ7
-----END PGP SIGNATURE-----
More information about the dev-commits-doc-all
mailing list