oss-sec mailing list archives

Re: sagemath denial of service with abort() in gmp: overflow in mpz type


From: Georgi Guninski <gguninski () gmail com>
Date: Wed, 7 Sep 2022 08:36:17 +0300

On Wed, Sep 7, 2022 at 4:32 AM Seth Arnold <seth.arnold () canonical com> wrote:


> Could an application that handles secrets and uses GMP use prctl(2)'s
> PR_SET_DUMPABLE command to prevent dumping the core file? It'd also
> prevent using ptrace-based debugging, so it's not without costs, but if
> it handles secrets, that's probably also a good idea.

On Ubuntu 20 a lot of stuff depends on libgmp:

$ apt-cache rdepends libgmp10 | wc -l
2442
$ apt-cache rdepends libgmp10 | grep -i crypt | wc -l
28

Some examples:
  gcc-9
  gawk
  g++-9
  dnsmasq-base
  cpp-9-s390x-linux-gnu

Will the infidels who argue that a crash in Python is nothing
still claim that a gmp crash in any of the 2442 packages
is still nothing?

