Bug 963781 (CVE-2016-0742) - VUL-0: CVE-2016-0742: nginx-1.0: Invalid pointer dereference during DNS server response processing
Summary: VUL-0: CVE-2016-0742: nginx-1.0: Invalid pointer dereference during DNS serve...
Status: RESOLVED FIXED
Alias: CVE-2016-0742
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/161339/
Whiteboard: CVSSv2:SUSE:CVE-2016-0742:4.3:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-01-27 13:09 UTC by Johannes Segitz
Modified: 2019-02-06 15:46 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-01-27 13:09:33 UTC 
CVE-2016-0742
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806

Invalid pointer dereference might occur during DNS server response
processing, allowing an attacker who is able to forge UDP
packets from the DNS server to cause worker process crash.

The problems affect nginx 0.6.18 - 1.9.9 if the "resolver" directive
is used in a configuration file.

The problems are fixed in nginx 1.9.10, 1.8.1.
http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0742.html
Comment 1 Swamp Workflow Management 2016-01-28 23:01:09 UTC 
bugbot adjusting priority
Comment 2 Andreas Stieger 2016-01-29 16:54:04 UTC 
openSUSE update running
Comment 3 Swamp Workflow Management 2016-02-07 19:17:27 UTC 
openSUSE-SU-2016:0371-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 963775,963778,963781
CVE References: CVE-2016-0742,CVE-2016-0746,CVE-2016-0747
Sources used:
openSUSE Leap 42.1 (src):    nginx-1.8.1-5.1
Comment 4 Stefan Schubert 2016-02-08 13:56:34 UTC 
As Markus docu says: 
https://w3.suse.de/~meissner/SUSE-LunchAndLearn-SLE-Maintenance.pdf
I have sent a reqeust to SUSE:Maintenance:
https://build.suse.de/request/show/93470

I have tested this fix with WebYaST.
Comment 5 Marcus Meissner 2016-03-03 12:08:46 UTC 
The submit was not fully correct, but i will fix it up as it also needs GeoIP branched in.
Comment 7 Marcus Meissner 2016-05-04 14:25:52 UTC 
released
Comment 8 Swamp Workflow Management 2016-05-04 16:09:34 UTC 
SUSE-SU-2016:1232-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 963775,963778,963781
CVE References: CVE-2016-0742,CVE-2016-0746,CVE-2016-0747
Sources used:
SUSE Webyast 1.3 (src):    GeoIP-1.4.7-2.10.1, nginx-1.0-1.0.15-0.29.2
SUSE Studio Onsite 1.3 (src):    GeoIP-1.4.7-2.10.1, nginx-1.0-1.0.15-0.29.2
SUSE Lifecycle Management Server 1.3 (src):    GeoIP-1.4.7-2.10.1, nginx-1.0-1.0.15-0.29.2