oss-sec mailing list archives
Re: Full disclosure: denial of service in srvx
From: Pierre Schweitzer <pierre () reactos org>
Date: Mon, 22 Sep 2014 21:55:28 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 30/08/2014 03:27, cve-assign () mitre org wrote:
Putting an extremely high value to these parameters, such as 184467440723049 will lead to an integer overflow. When attempting to queue the function execution, srvx will add it in the past, will attempt to execute it immediately and thus will loop forever on this, and will finally crash due to memory exhaustion.Use CVE-2014-5508 for the integer overflow.
Thanks. This has been used for the pull request upstream, which has finally been merged to their trunk. So, it's fixed in development trunk. See: https://github.com/GameSurge/srvx/commit/1c24a6f22c2782fb072239246f868515dbca7459 - -- Pierre Schweitzer <pierre at reactos.org> System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUIH6wAAoJEHVFVWw9WFsLyLgP/A/1oVUobq/vc7zGnPYg/eQi KkkC165VMsNamjhBIx5M4CZGa7Lndhxhojr5HvnjlAY+rYlS3RkMMlxVsR6QZ85q X3/Ilhs9Zrw2wKjqwhh0yoCSzHz/H9w4pEdMsSqQhUy6H2ETEFFHHMoUDIvzR4ad YPbmUfEhtRsFR5FPvdvMG5nEj7J244vQXUB6M4FnYtsc8ujtaRmc8/6FB+SWk8Dg xpdGj42mmmYVklB5kg5pef5BQ7q+Fhe4ode9BlCIG3SLasBecBi5wmvJtaLTN2hZ ZukejPPfp4KpZSCeoUd1JCqG5k0muSBJBNMiCbOcu/1lE0PCj6I6Esi21MbQB1oE gXMgZqzXKhS6P4eB8sq4s/t1hVQduSTKf1sf8JcQ8TipcQYm0MXcP6j7Ztck8Akk /bxlsabGl4wV9+v0PlZej+Q3OQV16ErG6LxDBSBCy7dnPFAVqB0o/1Xl7taezsyp prKGQJmr5JIlvvJyHetTEYX5ENSfcnr1zXDXgYZk9ubwJEncyqpfPg/t1+ozI3rt xKyfRB5Ej7G/bAANXdbqL9UyljBltrFbRxWcpPyHQ8ocy9NsRJxmFX+4P68aFCXF nsLpWWN95T22o8mz+n1aeXszzcfPommzzudAs6NDOjxSubu8/WapV89gz+DhqerZ jkGkRna/d2M9sdEIvddm =3ZYr -----END PGP SIGNATURE-----
Current thread:
- Full disclosure: denial of service in srvx Pierre Schweitzer (Aug 28)
- Re: Full disclosure: denial of service in srvx cve-assign (Aug 29)
- Re: Full disclosure: denial of service in srvx Pierre Schweitzer (Sep 22)
- Re: Full disclosure: denial of service in srvx cve-assign (Aug 29)