oss-sec mailing list archives
Re: CVE request for buffer overflow in ppp
From: cve-assign () mitre org
Date: Thu, 16 Apr 2015 02:49:44 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The process id is used in rc_mksid to generate a pseudo-unique string, assuming that the hex representation of the pid will be at most 4 characters (FFFF). __sprintf_chk(), used when compiling with optimization levels greater than 0 and FORTIFY_SOURCE, detects the buffer overflow and makes pppd crash. the bug occurs if pppd's pid is greater than 65535. The number of running processes is irrelevant. https://bugs.debian.org/782450 https://bugs.launchpad.net/ubuntu/+source/ppp/+bug/291743
Use CVE-2015-3310. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVL1slAAoJEKllVAevmvms9z4IAKjhNGyaWSeC2o/UBkbq8Obp 92J/ILNwc14EUrowfVbPbK5RfHnja+p4Me4Ha12+k4yxKuD/UTY5JH7CoD/WyK5k CdQRjhe0S0BwookFCpTK4HUXSx8qgX/o6AuKraCCg3DdS1a2eytZezbHhX50rGkP 47FWUnOMfOKAUtwRcRyo0WwilJ9Ip6LDmfRgJ+PB91/wGQr4XwY/Hf0ELCXTUx5N ua/qrnJ1krUem4BWxX1J9dBVMB+DoM0GEkR6cMmGP70sI+EaCJvP+XuNdZe0iBWp MRo0+WhS2R6WEJmAQi+35T4QDEvfc12cbayK26KJTP70Y6iP3FdmGTeAoaPOJDc= =58D2 -----END PGP SIGNATURE-----
Current thread:
- CVE request for buffer overflow in ppp Sébastien Delafond (Apr 13)
- Re: CVE request for buffer overflow in ppp cve-assign (Apr 15)