Bugzilla – Bug 941137
VUL-0: CVE-2015-5177: openslp: double free in SLPDProcessMessage()
Last modified: 2015-08-10 13:28:23 UTC
CVE-2015-5177 via redhat:

-----------------------
A double free flaw was found in openslp's SLPDProcessMessage() function. A crafted package could cause openslp to crash.

This flaw only affects version 1.2.1 of openslp, which is only shipped in EPEL 5. Version 2.0.0 is not affected.

OpenSLP is not actively maintained upstream so patches are not available.

Acknowledgements: Red Hat would like to thank Qinghao Tang of QIHU 360 for reporting this issue.
-----------------------

SLE/openSUSE versions:
SLE-12: openslp-2.0.0
SLE-11-SPx: openslp-1.2.0
SLE-10-SP3: openslp-1.2.0
openSUSE:Factory: openslp-2.0.0
openSUSE:13.2: openslp-2.0.0
openSUSE:13.1: openslp-1.2.0

References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5177
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5177
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5177.html

Oh well. Fortunately we already patch this ("openslp.knowndafree.diff"). The double free was reported by the OES guys and fixed in 2011. See bug #667953