oss-sec mailing list archives
CVE-2023-25139: glibc-2.37 sprintf buffer overflow
From: Jan Schaumann <jschauma () netmeister org>
Date: Fri, 10 Feb 2023 16:47:33 -0500
Hi, I just came across this and don't think I've seen a note of it to this list: CVE-2023-25139: a buffer overflow in sprintf(3) in glibc-2.37: https://sourceware.org/bugzilla/show_bug.cgi?id=30068 glibc-2.37 was released on 2023-02-01, so this isn't going to be wide spread. Fixed in https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c980549cc6a1c03c23cc2fe3e7b0fe626a0364b0 -Jan
Current thread:
- CVE-2023-25139: glibc-2.37 sprintf buffer overflow Jan Schaumann (Feb 10)