[v3.1] socat: DoS with fork (CVE-2015-1379)
Socat security advisory 6 - Possible DoS with fork
Overview
socats signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socats signal handler implementations are not asnyc-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Dependend on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
(from redmine: issue id 3882, created on 2015-02-02, closed on 2015-03-16)
- Relations:
- parent #3878 (closed)
- Changesets:
- Revision 555b6d32 by Natanael Copa on 2015-03-13T14:21:49Z:
main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)
fixes #3882