oss-sec mailing list archives
Re: an out of bound read is found in libdwarf -20151114
From: cve-assign () mitre org
Date: Thu, 28 Jan 2016 11:45:12 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 [ The Subject line was changed from the original "Re:Re: Buffer Overflow in lha compression utility" because that was unrelated to the topic. ]
http://www.openwall.com/lists/oss-security/2016/01/19/3
an out of bound read is found in libdwarf -20151114. *** DWARF CHECK: DW_DLE_DEBUG_FRAME_LENGTH_NOT_MULTIPLE len=0x00000010, len size=0x00000004, extn size=0x00000000, totl length=0x00000014, addr size=0x00000008, mod=0x00000004 must be zero in cie, offset 0x00000000. *** 7 ==53495== Invalid read of size 2 1 ==53495== at 0x4C2F7E0: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 2 ==53495== by 0x43287F: dwarf_read_cie_fde_prefix (dwarf_frame2.c:934)
Use CVE-2016-2091. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWqkTOAAoJEL54rhJi8gl5rSQP/jeiWzTqajFg+zQat/7oiqrF dEclF+0xce6DBqrRwdqW+K5rYDiOFgjpXTzIJytQ02ekrsL0kgKuBOJIDtde8C3/ wx2anCEr+AbdUwyUjGvKnfyq+VO5ArA/tgvzNuOE5lLS/UlUUDKoYeJQK4olahAc k7Lw16y6u61d4eNzDfdE85RFa4ze+TVEC1rIt2rq3dXCxIf81GFvifVXvesgG2td EEwnDJUMRAL4fFBsYqZf5uU19B6QqWIRj9Yxmaeo6Levk5ssAqWk88DJgJcaxM2s S8hUjMKT25vvXRLmwqklA9Mg6Fv4eAdeQQ9jJ8l7u/g7u/jDr+MC+6FWuP02aO1S xbAf4PIFHp/e/zjmUJ2V52nbcYuIWjo5HdacTuHNEJS7HkmGfOTbwPHYqiAGzm00 zi8bdXgfZnndgFYwzRB1uNIRaqjdZH1RkA7CK9CDUmbRq4y2y3k310kuVhwZBxAQ rNCUiY8uIYUay07nYK7947R2a8KYHxGrHpZAbjd5knONwi7Req0h/B063i7xYOzM K2Qs8bny21qZxOXei0Daej7tWAjzmV7d4KQm5IeZN0nvRiqKOCuc1V4qMvGvikH1 Mtu8XuhHYEP1TGEg0NbgJVUpAXirsgphJF/+RueC4P0bVXfrlLkmDGjljC9kHdGv VkDBB/uOHOFYYZ+Fa7O9 =Xfoe -----END PGP SIGNATURE-----
Current thread:
- Buffer Overflow in lha compression utility Paris Zoumpouloglou (Jan 18)
- Re: Buffer Overflow in lha compression utility cve-assign (Jan 18)
- Re:[oss-security] Re: Buffer Overflow in lha compression utility xiaoqixue_1 (Jan 19)
- Re: an out of bound read is found in libdwarf -20151114 cve-assign (Jan 28)
- a bug in gif2rgb.c in giflib-5.1.2 xiaoqixue_1 (Jan 26)
- Re: a bug in gif2rgb.c in giflib-5.1.2 cve-assign (Jan 26)
- Re:[oss-security] Re: a bug in gif2rgb.c in giflib-5.1.2 xiaoqixue_1 (Jan 28)
- Re:[oss-security] Re: Buffer Overflow in lha compression utility xiaoqixue_1 (Jan 19)
- Re: Buffer Overflow in lha compression utility cve-assign (Jan 18)