Full Disclosure mailing list archives

Re: null pointer deference in nano via read_the_list()

From: Mark Esler <mark.esler () canonical com>
Date: Fri, 26 Jan 2024 13:08:51 -0600

Hi Meng,

In your recent mass posts to FD, are you reporting vulnerabilities orbug reports which have words like "segfault" in the title? What benefitdo you see this having? Have you spoken to each upstream project beforerequesting a CVE be assigned?


Thank you,
Mark Esler

On 1/19/24 22:05, Meng Ruijie wrote:

[Vulnerability description]
Nano v6.2 was discovered to contain a segmentation violation via the function read_the_list().

[VulnerabilityType Other]
null pointer deference

[Vendor of Product]
nano

[Affected Product Code Base]
nano - 6.2

[Reference]
https://savannah.gnu.org/bugs/index.php?64465

[CVE Reference]
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2023-45932 to this 
vulnerability.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

null pointer deference in nano via read_the_list() Meng Ruijie (Jan 26)
- Re: null pointer deference in nano via read_the_list() Mark Esler (Jan 27)