oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cve issue discussion

From: Glenn Randers-Pehrson <glennrp () gmail com>
Date: Mon, 7 Aug 2017 08:47:35 -0400
It's not causing a crash, just a delay.  You'll safely get either an OOM
message or an EOF message.and no memory leak.

Glenn

On Mon, Aug 7, 2017 at 8:37 AM, Marcus Meissner <meissner () suse de> wrote:

Hi,

if it could crash the image reader I would consider it "remote denial of service"
classed and CVE worthy.
Previous By Date Next
Previous By Thread Next

Current thread: