oss-sec mailing list archives
Re: [CVE request] Array allocation fixes in libgfortran
From: cve-assign () mitre org
Date: Wed, 23 Jul 2014 22:08:33 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
several CVE-2002-0391-style integer overflows in array allocation in libgfortran https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721
Use CVE-2014-5044. It seems fairly clear that there is only one CVE ID needed. However, can you clarify what definition of "CVE-2002-0391-style integer overflows" you were using? We think you might mean: - any integer overflow caused by multiplying the number of elements in an array by the size of a single element - this includes, but isn't limited to, cases where the array elements represent arguments - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJT0GoDAAoJEKllVAevmvmsFnAH/0NvbICQOkjYCUuhVPkptG1H EHsDkC8Ll+H8vAB9uBBFY5bFPLKNLiVZv7E8Y51X4MqiugwVRgJ4mHxd88LgnI+A 1gsQbW3GR2uphO7MxHFGDNiwAsht0KONUTI+dGvi8gOBiQeLDWWxM5uxoqjc4EwP 5kCa/Vo+d+l6UvSbk2KNqqcWapfVIgDpPGqkFADDQ+UfUfFAOaRj6xV1siBjxgDE ONJbFQIlrXBPWXDnDC5uKycrpdTQGojHuhK+7mLejOHMIc7oT/Fvt3IOMrNn4EVE /frwqAit/n2WkeU52poljl/w6d56Bx2+i33pJy98zYKaOi+eve3AmnisVGhFgoI= =1dP4 -----END PGP SIGNATURE-----
Current thread:
- [CVE request] Array allocation fixes in libgfortran Florian Weimer (Jul 23)
- Re: [CVE request] Array allocation fixes in libgfortran cve-assign (Jul 23)
- Re: Re: [CVE request] Array allocation fixes in libgfortran Florian Weimer (Jul 31)
- Re: [CVE request] Array allocation fixes in libgfortran cve-assign (Jul 23)