oss-sec mailing list archives

Re: CVE Request coreutils

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 21 Jan 2013 18:33:07 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/21/2013 01:39 PM, Vincent Danen wrote:

* [2013-01-21 19:17:49 +0100] Moritz Muehlenhoff wrote:

Can someone assign a CVE id for a buffer overflow in
coreutils? Its the same code snippet (coreutils-i18n.patch) and
it affects sort, uniq and join:

https://bugzilla.novell.com/show_bug.cgi?id=798538 
https://bugzilla.novell.com/show_bug.cgi?id=796243 
https://bugzilla.novell.com/show_bug.cgi?id=798541


Could you send the faulty patch to the list so that distros can
validate that they don't include it themselves?


Red Hat/Fedora do include this patch, so it's more than just SUSE
that ships them.  However, when I was looking at them last week,
this struck me as just a non-exploitable crash and unless I'm
missing something, I think it would be quite the stretch to call it
a security flaw.


Agreed, there is no significant impact of exploitation and there is no
real easy way to trick a victim into doing this (and even if you do,
so what? now if it was code exec we might be talking about something
interesting).

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ/exTAAoJEBYNRVNeJnmTrW0P/3B/L/SE7akzCPUU6TW9wy1L
Rpb8IIITLCz1qkb/gkUayUFJHQDjpEfmxNPJQWm1fJBrWI0bFr0wvHRuGHgyXZEA
Bl+js2w0uu7kAEEf1bHjZjf7zVHZ2tvoAdzi8ypLASZisxXwSa4acy++sqmPTrSf
oNOu3ChqG919VSLfD8Zf5AsGFs6G3tRzNEmYtvllt9liUFKgL6WsCNWNWUZdpWm2
crZPdyf343VvQcG5p7vYPEJLUBmnUSIauakssYPxGSp1vNBDNCC8xuVnyf1KOLfc
r3BHDPRX5ooe8EcoK/zgo1owK7tP9d7FT94gIsJte3OUOP5dq6LR/R0ZMMUsneNA
EjJScDCkh0hcZYCdJkqtah5aoAYI6IQvXJVtbwDM+rAvHfoMV2nkbWVZL0SgCMW/
B/hvhQJejFN3dd0wfiO5sQf5o2UxxYyIIpTE+GQP/pe8Q7F1BzR5nV87Jd3sWQY8
J873KRADBgt4RwbVUpI7dUL67UeRZCN4FiNtYYEuD5BeJWMSVoVXRHP7zBkx8GhG
vgfUc02+IyxS0HTO5HIxSJnLYOSa++SxJ4/w85aqcWPLrLHhL4s1k4GELPg/JhdW
Um35zAkcLNnxsxySCMIWZKEUTZ3xdpBspc3QVkw/IoyZpk+QhQTM2S/C3yWv4Q0z
xwHEEqesvl8l7UlpQ2mC
=rw4/
-----END PGP SIGNATURE-----

Current thread:

CVE Request coreutils Sebastian Krahmer (Jan 21)
- Re: CVE Request coreutils Michael Tokarev (Jan 21)
  - Re: CVE Request coreutils Kurt Seifried (Jan 21)
  - Re: CVE Request coreutils Matthias Weckbecker (Jan 22)
    - Re: CVE Request coreutils Kurt Seifried (Jan 23)
- Re: CVE Request coreutils Moritz Muehlenhoff (Jan 21)
  - Re: CVE Request coreutils Vincent Danen (Jan 21)
    - Re: CVE Request coreutils Kurt Seifried (Jan 21)
    - Re: CVE Request coreutils Sebastian Krahmer (Jan 21)
    - Re: CVE Request coreutils Vincent Danen (Jan 22)
    - Re: CVE Request coreutils Sebastian Krahmer (Jan 22)
    - Re: CVE Request coreutils Vincent Danen (Jan 23)
    - Re: CVE Request coreutils Florian Weimer (Jan 22)
    - Re: CVE Request coreutils Florian Weimer (Jan 22)
  - Re: CVE Request coreutils Sebastian Krahmer (Jan 22)