oss-sec mailing list archives

Re: CVE Request coreutils

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 21 Jan 2013 11:16:58 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/21/2013 07:59 AM, Michael Tokarev wrote:

21.01.2013 18:54, Sebastian Krahmer wrote:

Hi,

Can someone assign a CVE id for a buffer overflow in coreutils? 
Its the same code snippet (coreutils-i18n.patch) and it affects
sort, uniq and join:


It's probably worth to mention that these are SuSE-specific and not
in upstream, if I understand correctly.

https://bugzilla.novell.com/show_bug.cgi?id=798538 
https://bugzilla.novell.com/show_bug.cgi?id=796243 
https://bugzilla.novell.com/show_bug.cgi?id=798541


Thanks,

/mjt


I'm not clear on exploitation. You would have to run sort/uniq/join
against attacker supplied input, and then the sort/uniq/join binaries
would crash. Is there any code execution possible? In general DoS's in
user programs doesn't get CVE's unless the user program loads remote
content easily/commonly (e.g. email/web browsers). Although I could be
wrong, STeve can you confirm that these issues don't need a CVE?

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ/YYaAAoJEBYNRVNeJnmTpAIQAMVV7HiKZ+Pq2YMnVVV3CD1k
YUPr3ruhmW9CFhmgbKfH3sgrp9LxaDWRyLo5nCg1SOy4m2rE9UNpT89AcbVv5gz4
rlhAFZkZsjfjMjd12Ak/qNwzoGlOJEQPVu6GNv5O1TnpzGglQeEudLxxnleJmWdE
zf/CJHESrWOIaJRi/BlsPzA1ur3QP78k2wJ5+J1B0ZSybqNAtv1EhoIzIoEv9CXS
9Lq/LYi2HcIH6dEFxLKoiva6N2R3iT2IkvS7iP+hiorc+qey6U3WWVqwuRPQjnBs
RKjcV33JzZMSx/dJ2UfSxAcReBW6QKtLP1Gt2aREctBb5KkSSVL+tYp+L/KTF5FP
toJa05BTv2EkZ+sqFfny0vZ1hmiAj4e9x7WPKfPcOBZkUB89CpqMjURsqdLx/4wJ
UCvX3SMXyrNEdcwAEHIGkYyqGvt5iH7sT3Fs4oUvxXSoOPHJjtmcsT04OYaB/YjM
W8bVH+WhT5ZA7zk3ePOLOmW7amx2nKN+yEZrbKy2C1sXJe605U+1MBvm5xwJFjkE
RTV2s2CvxciR1WuYMacDX+HgWxifQcpr8hFdISYZxvvZo2egN+52dJS1+BjWdsf1
/JSUpIWUg7Wy3JaA2qf7Q/uCtPcB0oTiBrT65vxJISl1nA/IQHXwtWZ3RI5dfvyt
JtbC/DuLBeoklmfgx+TT
=UBrB
-----END PGP SIGNATURE-----

Current thread:

CVE Request coreutils Sebastian Krahmer (Jan 21)
- Re: CVE Request coreutils Michael Tokarev (Jan 21)
  - Re: CVE Request coreutils Kurt Seifried (Jan 21)
  - Re: CVE Request coreutils Matthias Weckbecker (Jan 22)
    - Re: CVE Request coreutils Kurt Seifried (Jan 23)
- Re: CVE Request coreutils Moritz Muehlenhoff (Jan 21)
  - Re: CVE Request coreutils Vincent Danen (Jan 21)
    - Re: CVE Request coreutils Kurt Seifried (Jan 21)
    - Re: CVE Request coreutils Sebastian Krahmer (Jan 21)
    - Re: CVE Request coreutils Vincent Danen (Jan 22)
    - Re: CVE Request coreutils Sebastian Krahmer (Jan 22)
    - Re: CVE Request coreutils Vincent Danen (Jan 23)
    - Re: CVE Request coreutils Florian Weimer (Jan 22)

(Thread continues...)