oss-sec mailing list archives
Re: CVE Request: Three integer overflows in glibc memory allocator
From: mancha <mancha1 () hush com>
Date: Thu, 12 Sep 2013 17:40:07 +0000 (UTC)
Kurt Seifried <kseifried@...> writes:
On 09/11/2013 05:49 AM, Will Newton wrote:Hi, I recently discovered three integer overflow issues in the glibc memory allocator functions pvalloc, valloc and posix_memalign/memalign/aligned_alloc. These issues cause a large allocation size to wrap around and cause a wrong sized allocation and heap corruption. The issues are fixed in glibc mainline. The relevant glibc bugzilla entries are here: https://sourceware.org/bugzilla/show_bug.cgi?id=15855 https://sourceware.org/bugzilla/show_bug.cgi?id=15856 https://sourceware.org/bugzilla/show_bug.cgi?id=15857 Thanks,CVE MERGE, same researcher, version and vuln type. Please use CVE-2013-4332 for this issue.
Kurt, vendors, et al. - I've consolidated upstream fixes for these three integer overflow vulnerabilities in a port to glibc 2.17 and placed it here: http://sourceforge.net/projects/miscellaneouspa/files/misc/glibc-2.17_CVE-2013-4332.diff Upstream fixes: * https://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696a * https://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef * https://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d --mancha
Current thread:
- CVE Request: Three integer overflows in glibc memory allocator Will Newton (Sep 11)
- Re: CVE Request: Three integer overflows in glibc memory allocator Kurt Seifried (Sep 11)
- Re: CVE Request: Three integer overflows in glibc memory allocator mancha (Sep 12)
- Re: CVE Request: Three integer overflows in glibc memory allocator Kurt Seifried (Sep 11)