[Pkg-utopia-maintainers] Bug#517683: Bug#517683: avahi-daemon: reflector creates packet storm on legacy unicast traffic
Michael Biebl
biebl at debian.org
Thu Mar 19 15:19:52 UTC 2009
Rob Leslie wrote:
> Package: avahi-daemon
> Version: 0.6.23-3lenny1
> Severity: important
> Tags: patch
>
> The avahi-daemon reflector contains a bug that causes packet storms when
> reflecting legacy unicast mDNS traffic. What happens is the reflector
> forwards the initial multicast query onto the other interfaces, and then
> receives it back from the same interfaces (IP_MULTICAST_LOOP) but doesn't
> recognize it as the legacy unicast packet it just forwarded. It therefore
> acts as though it were a separate query and forwards it back onto all the
> other interfaces (including the original) and the process repeats ad
> infinitum -- until the box locks up (I've had some automatically reboot via
> watchdog) or if lucky the legacy unicast reflection slots that avahi-daemon
> maintains will fill up and the storm will abate. A symptom of the latter
> case is the syslog message "No slot available for legacy unicast reflection,
> dropping query packet." (See also Avahi ticket #216 which seems to be
> indicative of this problem.)
>
> The problem is that the originates_from_local_legacy_unicast_socket()
> routine in avahi-core/server.c fails to take the network byte order of
> .sin_port into account when examining incoming multicast packets. The
> attached patch corrects this problem.
>
Hi Rob,
thanks for the bug report and the patch.
Looks like this is filed as CVE-2009-0758 [1]
Nico, do you consider that important enough for a s-s-u upload?
Cheers,
Michael
[1] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0758
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20090319/34b7e616/attachment-0001.pgp
More information about the Pkg-utopia-maintainers
mailing list