Mageia 8: MGASA-2021-0376 Critical: IP Handling Misinterpretation

mageia

July 27, 2021

It was discovered that the perl Net-CIDR-Lite module did not correctly handle IP addresses with IP octets containing leading zeros

Summary

It was discovered that the perl Net-CIDR-Lite module did not correctly handle IP addresses with IP octets containing leading zeros. Leading zeros were ignored, while the underlying system can treat such octets as octal numbers and interpret them differently. For example, IP address of 010.0.0.1 was considered by Net CIDR-Lite to be the same address as 10.0.0.1, while system may consider it to be

References

- https://bugs.mageia.org/show_bug.cgi?id=29025

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LDO7X4TBRIVL4G3GLZBEHFXC7IXMBAMW/

- https://bugzilla.redhat.com/show_bug.cgi?id=1961865

Topics Covered

security advisory critical Mageia IP handling Net-CIDR-Lite

Resolution

SRPMS

- 8/core/perl-Net-CIDR-Lite-0.220.0-1.mga8

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 27 Jul 2021

URL: https://advisories.mageia.org/MGASA-2021-0376.html

Type: security

Topics Covered

security advisory critical Mageia IP handling Net-CIDR-Lite

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8: MGASA-2021-0376 Critical: IP Handling Misinterpretation

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8: MGASA-2021-0376 Critical: IP Handling Misinterpretation

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!