oss-sec mailing list archives
Re: CVE Request: MySQL Null Pointer Dereference
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 10 Apr 2015 15:58:33 +0200
On Fri, 10 Apr 2015 18:46:47 +1000 Joshua Rogers wrote:
Could I get a CVE-ID assigned for this bug?: https://bugs.mysql.com/bug.php?id=75372
I believe this kind of issues is not considered security / needing CVE without further justification. The problem here only occurs if malloc(small_value) fails. Considering how small the value is and that it's not attacker controlled, it's fairly non-obvious if attacker has any practical chance of triggering this bug. -- Tomas Hoger / Red Hat Product Security
Current thread:
- CVE Request: MySQL Null Pointer Dereference Joshua Rogers (Apr 10)
- Re: CVE Request: MySQL Null Pointer Dereference Tomas Hoger (Apr 10)