oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC

From: Florian Weimer <fweimer () redhat com>
Date: Mon, 7 Mar 2016 22:10:33 +0100
Alexander Cherepanov discovered that the glob implementation in glibc
does not correctly handle overlong names in struct dirent buffers when
GLOB_ALTDIRFUNC is used.

Upstream bug report:

  <https://sourceware.org/bugzilla/show_bug.cgi?id=CVE-2016-1234>

Florian
Previous By Date Next
Previous By Thread Next

Current thread: