Operating System:

[Debian]

Published:

08 December 2022

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.6385
                        dlt-daemon security update
                              8 December 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           dlt-daemon
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-31291 CVE-2020-36244 CVE-2020-29394

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2022/12/msg00016.html

Comment: CVSS (Max):  9.8 CVE-2020-36244 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- - -----------------------------------------------------------------------
Debian LTS Advisory DLA-3231-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
December 07, 2022                           https://wiki.debian.org/LTS
- - -----------------------------------------------------------------------

Package        : dlt-daemon
Version        : 2.18.0-1+deb10u1
CVE ID         : CVE-2020-29394 CVE-2020-36244 CVE-2022-31291
Debian Bug     : 976228 1014534

dlt-daemon, a Diagnostic Log and Trace logging daemon, had the following
vulnerabilities reported:

CVE-2020-29394

    A buffer overflow in the dlt_filter_load function in dlt_common.c
    from dlt-daemon allows arbitrary code execution because fscanf is
    misused (no limit on the number of characters to be read in the
    format argument).

CVE-2020-36244

    dlt-daemon was vulnerable to a heap-based buffer overflow that
    could allow an attacker to remotely execute arbitrary code.

CVE-2022-31291

    An issue in dlt_config_file_parser.c of dlt-daemon allows attackers
    to cause a double free via crafted TCP packets.

For Debian 10 buster, these problems have been fixed in version
2.18.0-1+deb10u1.

We recommend that you upgrade your dlt-daemon packages.

For the detailed security status of dlt-daemon please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dlt-daemon

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------
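
As an added illustration of the fscanf misuse behind CVE-2020-29394 described in the advisory above (this is constructed example code, not code from dlt-daemon or from the Debian advisory): a filter-file loader that shows the unbounded "%s" pattern as a comment next to a bounded version that rejects overlong tokens. The ID length, function names and the one-pair-per-line file layout are assumptions made for this example.

```c
/* Added example, not dlt-daemon's own code: the CVE-2020-29394 pattern (an
 * unbounded fscanf "%s" into a fixed buffer) next to a bounded loader. The ID
 * length, names and file layout (one "APID CTID" pair per line) are assumed. */
#include <stdio.h>
#include <string.h>

#define ID_SIZE 4            /* assumed: DLT app/context IDs are 4 chars */
#define LINE_MAX_LEN 128

struct filter_entry { char apid[ID_SIZE + 1]; char ctid[ID_SIZE + 1]; };
/* Vulnerable pattern from the advisory, kept as a comment and never run:
 *     fscanf(fp, "%s %s", e->apid, e->ctid);
 * "%s" carries no width, so a token longer than ID_SIZE overruns the buffer. */
/* Hardened loader: width-limited conversions plus an explicit overlong-token
 * check. Returns the number of entries parsed, or -1 on malformed input. */
static int load_filter_safe(FILE *fp, struct filter_entry *out, int max_entries)
{
    char line[LINE_MAX_LEN];
    char a[ID_SIZE + 2], c[ID_SIZE + 2]; /* one wider than an ID, to spot overlong tokens */
    int n = 0;
    while (fgets(line, sizeof line, fp) != NULL) {
        if (strchr(line, '\n') == NULL && !feof(fp))
            return -1;                      /* line longer than LINE_MAX_LEN */
        if (line[0] == '\n' || line[0] == '#')
            continue;                       /* blank line or comment */
        if (n >= max_entries)
            return -1;                      /* table full: fail, do not overrun */
        /* "%5s" is ID_SIZE + 1: the width caps how much sscanf may write. */
        if (sscanf(line, "%5s %5s", a, c) != 2)
            return -1;
        if (strlen(a) > ID_SIZE || strlen(c) > ID_SIZE)
            return -1;                      /* overlong ID: reject, never truncate */
        strcpy(out[n].apid, a);
        strcpy(out[n].ctid, c);
        n++;
    }
    return n;
}
/* Parse a filter file supplied as a string (via tmpfile); used by the test. */
int parse_filter_text(const char *text, struct filter_entry *out, int max_entries)
{
    FILE *fp = tmpfile();
    int n;
    if (fp == NULL) return -1;
    fputs(text, fp);
    rewind(fp);
    n = load_filter_safe(fp, out, max_entries);
    fclose(fp);
    return n;
}
```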

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================