oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-Request - bitbake

From: Maxin John <maxin () maxinbjohn info>
Date: Mon, 16 Feb 2015 15:42:06 +0100
Hi,

Executing "bitbake -g -u depexp <package>" when DISPLAY is not
properly set causes segfault and a denial of service (through OOM) via
a crafted script.

Bug Report URL:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=7299

Patch link (master branch):
http://git.openembedded.org/bitbake/commit/?id=f35e9bd7b59c180fe9a3d9177efb57b92d9cd373

Can a CVE be assigned to this please?

Thanks and Regards,
Maxin
Previous By Date Next
Previous By Thread Next

Current thread: