oss-sec mailing list archives
Re: CVE Request: libX11: buffer overflow in MakeBigReq macro
From: cve-assign () mitre org
Date: Thu, 9 Apr 2015 03:09:30 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The MakeBigReq macro in libX11 contained a 4-byte buffer overflow: https://bugs.freedesktop.org/show_bug.cgi?id=56508 Fixed by the following commit in libX11 1.5.99.901: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39547d600a13713e15429f49768e54c3173c828d
(for the "#ifdef LONG64")
- memmove(((char *)req) + 8, ((char *)req) + 4, _BRlen << 2); \ + memmove(((char *)req) + 8, ((char *)req) + 4, (_BRlen - 1) << 2); \
(for the "else")
- memmove(((char *)req) + 8, ((char *)req) + 4, _BRlen << 2); \ + memmove(((char *)req) + 8, ((char *)req) + 4, (_BRlen - 1) << 2); \
Use CVE-2013-7439. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVJiVPAAoJEKllVAevmvmssDcH/iutsG0E3niDH2KbFs7BSPnn +rxzJopR3k7Cg8yVvzA72yBiVizVs9Exi86lLyRav1Xw0naxM/ljiNs2FFGbjK+7 AnCyDZbQadTaexTVyO0nU773TmmoKWN2NRoWtMhLQ2O+q2wCwSeO3f/9gLEi56uG KasHobQEHd/Pe7FxCreJJr9wZ0X8FNIquPUbUV9uwmQtHoHQhuHuBB9NrEsApwWv zWICm3WbgdeFDvq+s3PClhmuteHdDWVT7YQhlBNxvegHXmiFcVxkkbJNK9FZv76X NsaBD2nhzdqa24KrxQCSpN9zvvOu72Mw3yf2bu1CIL9cmj2Nl1RbJH2vp+5G1Fc= =56XR -----END PGP SIGNATURE-----
Current thread:
- CVE Request: libX11: buffer overflow in MakeBigReq macro Marc Deslauriers (Apr 07)
- Re: CVE Request: libX11: buffer overflow in MakeBigReq macro cve-assign (Apr 09)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Florian Weimer (Apr 09)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Marc Deslauriers (Apr 09)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Yann Droneaud (Apr 09)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Alan Coopersmith (Apr 14)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Alan Coopersmith (Apr 09)
- Re: Re: CVE Request: libX11: buffer overflow in MakeBigReq macro Florian Weimer (Apr 09)
- Re: CVE Request: libX11: buffer overflow in MakeBigReq macro cve-assign (Apr 09)
- Re: CVE Request: libX11: buffer overflow in MakeBigReq macro cve-assign (Apr 09)