oss-sec mailing list archives
CVE-2017-9334 CHICKEN Scheme: denial of service due to invalid pointer dereference
From: Peter Bex <peter () more-magic net>
Date: Thu, 1 Jun 2017 09:23:13 +0200
Hi all, I just received my assignment of CVE-2017-9334 for this issue: An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. Original announcement: http://lists.nongnu.org/archive/html/chicken-announce/2017-05/msg00000.html Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html Cheers, Peter
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE-2017-9334 CHICKEN Scheme: denial of service due to invalid pointer dereference Peter Bex (Jun 01)