oss-sec mailing list archives
CVE request: heap buffer overflow in glibc swscanf
From: Paul Pluzhnikov <ppluzhnikov () gmail com>
Date: Sun, 1 Feb 2015 11:22:54 -0800
Greetings, https://sourceware.org/bugzilla/show_bug.cgi?id=16618 is almost 1 year old, and still not fixed in glibc trunk. I have verified that the test case from it fails with libc6 2.19-0ubuntu6.5 and current trunk glibc. Don't know if it's exploitable, but it seems like it could easily be. (I'll see if I can fix it in the mean time.) Thanks, -- Paul Pluzhnikov
Current thread:
- CVE request: heap buffer overflow in glibc swscanf Paul Pluzhnikov (Feb 01)
- Re: CVE request: heap buffer overflow in glibc swscanf cve-assign (Feb 03)
- Re: Re: CVE request: heap buffer overflow in glibc swscanf Daniel Micay (Feb 03)
- Re: Re: CVE request: heap buffer overflow in glibc swscanf Florian Weimer (Feb 04)
- <Possible follow-ups>
- Re: CVE request: heap buffer overflow in glibc swscanf Gsunde Orangen (Feb 03)
- Re: CVE request: heap buffer overflow in glibc swscanf cve-assign (Feb 03)