oss-sec mailing list archives

CVE Request: pycurl use after free fixed in version 7.19.5.2

From: Kristian Fiskerstrand <kristian.fiskerstrand () sumptuouscapital com>
Date: Tue, 3 Nov 2015 13:40:30 +0100

Dear all,

pycurl reports fixing a use after free in version 7.19.5.2[0]

* Fixed a use after free in HTTPPOST when using FORM_BUFFERPTR with
  a Unicode string (patch by Clint Clayton).

This seems to be in the file src/easy.c fixed in commit
602f8e364634d386524f0396e962c2c9de0536a9[1]

I haven't looked into the code in any detail for exploitability, but
my understanding is that use-after-free generally gets assigned a CVE
based on CWE 416[2], if so may you please assign a CVE to this issue?

References:
[0] https://github.com/pycurl/pycurl/blob/master/ChangeLog
[1]
https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
[2] http://cwe.mitre.org/data/definitions/416.html

-- 
----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"At 18 our convictions are hills from which we look; At 45 they are
caves in which we hide."
(F. Scott Fitzgerald)

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

CVE Request: pycurl use after free fixed in version 7.19.5.2 Kristian Fiskerstrand (Nov 03)
- Re: CVE Request: pycurl use after free fixed in version 7.19.5.2 cve-assign (Nov 03)