oss-sec mailing list archives
Re: CVE request - a out of bound read bug is found in libdwarf
From: cve-assign () mitre org
Date: Thu, 10 Dec 2015 01:16:16 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://bugzilla.redhat.com/show_bug.cgi?id=1289385
if an elf file is passed to dwarfdump, a SIGSEGV will occur in libdwarf/dwarf_leb.c
The actual problem is this seemingly corrupt abbreviation entry:
Use CVE-2015-8538. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWaRhNAAoJEL54rhJi8gl5zsMQAJTvBRQAkohxJslPhvlqAY1X FIwHDq7SE92ETTjdzIIx0fYl08B1IeypEDHU9jXFWV82HTKod+B+AKZdSr7AK3/d xG/U+3c5ZCqc9eh37H+Qsjnu1+ep5YeP3suCGcVc3y0Rg/7NwYopJf0u8dp97LdN P0VEpe9wpW4YXjIzx3kglYEo50T+dCq0ogQu2qbdJ5e/GERyF8r+uVaQt3N3BGOw KaR9iG6dHni4pQngQwyTZ1L8u+zZZN3HQYi39QAU4duIizCZ64eO+WZfBT/SZZSR 2Y9oBE3ofIZzPtmUhkl2AJBnVzbcIeQ5AgpQelygdXhEEf/f3qAeGx3WP3260klp JfRIwIaoAsUh26AGBoS4wLDN3eQWtDs0nW/pS7oOkui5SgNezNpHk4GWfwjBN8wN 9j5oD2QCMI96FN1U7l03rkQqo1tu7kofyIRYbrNNiGrDHS+06Ms7Dk3eZR94+luK Kli9QP9D0RWI/B1kGWswtmjzW371arETtcnW8SyfEMxlw6pdRRR3XW9Ju3LYH+lA YOU9Y10bRqPDdZlBbQ+MR7tPpGENZ0YunF+M42xkwrThmlThr1yRkQfC6Ycj7z91 1OZuvF/JkC7wNsgRCxWvkwphNdCzGyZMADP+denGtRRvXS4QbyhNEs/qvf3VPmuV vM5pS7axMWA6nnbII5Q3 =G32C -----END PGP SIGNATURE-----
Current thread:
- CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key Wade Mealing (Dec 08)
- CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key xiaoqixue_1 (Dec 09)
- CVE request - a out of bound read bug is found in libdwarf xiaoqixue_1 (Dec 09)
- Re: CVE request - a out of bound read bug is found in libdwarf cve-assign (Dec 09)
- CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) xiaoqixue_1 (Dec 10)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 10)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 17)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) cve-assign (Dec 11)
- Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 11)
- CVE request - a out of bound read bug is found in libdwarf xiaoqixue_1 (Dec 09)
- CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key xiaoqixue_1 (Dec 09)