oss-sec mailing list archives
Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName
From: <cve-assign () mitre org>
Date: Thu, 24 Nov 2016 19:51:34 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://bugzilla.redhat.com/show_bug.cgi?id=1383569
http://bugs.icu-project.org/trac/ticket/10891 http://bugs.icu-project.org/trac/changeset/35699
https://bugs.php.net/bug.php?id=67397
Note that the PHP bug is exactly the same flaw, but they worked around it by limiting the length of strings passed to icu. I don't believe this needs a separate CVE even though it was "fixed" independently.
Use CVE-2014-9911 for the ICU vulnerability, and use CVE-2014-9912 for the PHP vulnerability. Admittedly, the code changes in ICU and PHP had the same motivation. However, the code is not shared between ures_getByKeyWithFallback in ICU and get_icu_disp_value_src_php in PHP. Thus, two CVE IDs exist. This is also consistent with similar ICU/PHP situations in the http://www.openwall.com/lists/oss-security/2016/07/24/2 and http://www.openwall.com/lists/oss-security/2016/09/15/10 posts. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYN4pmAAoJEHb/MwWLVhi2iXQP/0p5ye6sA3p3BNLXi1HvLKN3 kTljswgWfZxD5/GINLjMGzf0Gr94weE6GfbxmrYbenjmghKTPU+tRgfpOd6TwteU kai0Vuluk020bYb9d769qyYc47rzKZ0h5FJCc/Ef+kQNWPMOHS+ogF8D11p575W0 gFZyiw9h5HNHT7A5VV1NisFN607Q3IwJncNZfI1PLwZJ/t1dtNI8HGsKZCo5tlKq ZdWIibAuVThj9k4OKmZfdxe3SHInFv2dfDoLXwQH+hwnLLs7xkN3X5Tu/PXpkqtV cc/eqZTRW1TSxou4p0S8T7d410z3WArVecVNfFZxv58xua+Goj/bXwPRuAUQTY8q SpuR3NDwFoM23IURqTStQ/+NXbhGtjJpUltQjZ776hBEm/S/rljYMA5sJs4sBtjI VsiA8jqjeewOheQQnEOA/VVH8JvQQ8AATOKD6gRkDCuxTYwhemabzR9jUOpVP/Cv 9f/4e/KIYug2wHcfTtEoqZEGtgIEQRdcGpEjOq7y7X9ETMWnTRNh1iIzKVOilFyv uCcNE1m0JJPALb0p72AqDb5rEL8cWynrvNQrcLifONF5/65uEa+5Hi4rXhayaQN1 MDo0OTwKJUw90vhEeLP+hTx3bQJtp6bRTfz1avIhEmG0DmoErm9opAj/pK7o8uWV 1EQnxE97WQjHimhYejXd =jGfq -----END PGP SIGNATURE-----
Current thread:
- CVE request: icu: stack-based buffer overflow in uloc_getDisplayName Doran Moppert (Nov 24)
- Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName cve-assign (Nov 24)
- Re: Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName Steven R. Loomis (Nov 25)
- Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName cve-assign (Nov 24)