oss-sec mailing list archives
Re: CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers"
From: cve-assign () mitre org
Date: Fri, 23 Sep 2016 11:25:46 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
a crash in Crypto++'s AES implementation under Microsoft compilers due to use of `_malloca`, `AliasedWithTables` and `_freea`. Crypto++ can potentially free the wrong pointer https://github.com/weidai11/cryptopp/issues/302
if at any point the "space" pointer is changed from its original location by the 256-byte rounding function, you're guaranteed to be in for some pain at _freea time, as _freea refers to a memory address that was never allocated in the first place.
Use CVE-2016-7544. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJX5UhlAAoJEHb/MwWLVhi2SQ8P/37MUnrxMF7PynvK/O7dYgZj h9CP649WDx0v+hl+Z95wYGMX/ciy/iBwiFnCkrIEtT/FhvREtHt1KB06E6ZG0R0N ViqluDFJH+XsbIW1o8ETV/BOR70GPIpQzwwKKOP75qqGUcjKeEZon7LTqUFZgZsu Qn7c14zB7vYe66liSjT6+0bWtgxLK7DG7zbNBbjmw9tBxOG1igAh5qz9G6Kfct4H Pnoo1EZZ7k4qjGliGvoqvHkwfJWrjT89JUntQPBI5JPfTtd1RIjOVDvxCH0qLOXT kd+67l8eW8E1ST/wCJ565FaCAEvUEI25rvnAroL76fN1n2acgmgNmmrBKbLZVqqj n9f+R1DEJeip7eV44A/36n8Jwk7Y8k14aT4FhlboVtgyp9nDnR/jepm5Pn+hfUMr OPQPSOoCWF0O7TZfS6IG8Zf6Dluaw/XTinHLVM+H/SqVgadQJFwRawgbxQYVCrht 21etDccBSvarT8WF6xzLKEgRk18GNFSRt37rfyI3PnR62Vv4I8DrKt5pgtV4D0iz GT7W3gV8x4C7UKtbA+pVnPYbPs7aOczcnH3E+GEIDeeB4r8SKWiDvI4FcDXd9N4V 54rW4IhgBzmPWFUPlEMN6mfaOZHWcvA3XhDRRwo/GT7Mh8FBySXP+m/gWcw9G34I r5UwZOXTT2nm1iMsR7t+ =n5Dw -----END PGP SIGNATURE-----
Current thread:
- CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers" Jeffrey Walton (Sep 23)
- Re: CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers" cve-assign (Sep 23)