Candidate: CVE-2012-0840 PublicDate: 2012-02-10 19:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840 http://www.mail-archive.com/dev%40apr.apache.org/msg24439.html http://www.mail-archive.com/dev%40apr.apache.org/msg24473.html Description: tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. Ubuntu-Description: Notes: mdeslaur> from oss-security: "r1231605 and r1231858 cause massive mdeslaur> regressions and test case failures in httpd." (These were mdeslaur> subsequently reverted) mdeslaur> CVE was asked to be cancelled: mdeslaur> http://www.mail-archive.com/dev%40apr.apache.org/msg24609.html mdeslaur> "After extensive consultation with the security projects of various mdeslaur> APR consumers, it's apparent that there are no actual mdeslaur> vulnerabilities to be exploited here." mdeslaur> "These changes do not represent either a security DEFECT nor any mdeslaur> actual security FIX. The APR Project dis-acknowledges the mdeslaur> assignment of CVE-2012-0840 as erroneous, and invalid." mdeslaur> Downgrading priority to "low". Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0840 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655435 https://bugs.launchpad.net/ubuntu/+source/apr/+bug/957727 Priority: low Discovered-by: Assigned-to: CVSS: Patches_apr: upstream: http://svn.apache.org/viewvc?view=revision&revision=1236970 upstream: http://svn.apache.org/viewvc?view=revision&revision=1237078 upstream: http://svn.apache.org/viewvc?view=revision&revision=1237507 upstream_apr: released (1.4.6) hardy_apr: ignored (reached end-of-life) lucid_apr: ignored (reached end-of-life) maverick_apr: ignored (reached end-of-life) natty_apr: ignored (reached end-of-life) oneiric_apr: ignored (reached end-of-life) precise_apr: not-affected (1.4.6-1) quantal_apr: not-affected (1.4.6-1) raring_apr: not-affected (1.4.6-1) saucy_apr: not-affected (1.4.6-1) trusty_apr: not-affected (1.4.6-1) trusty/esm_apr: not-affected (1.4.6-1) utopic_apr: not-affected (1.4.6-1) vivid_apr: not-affected (1.4.6-1) devel_apr: not-affected (1.4.6-1)