oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2018-19591: glibc if_nametoindex may not close descriptor

From: Florian Weimer <fweimer () redhat com>
Date: Tue, 27 Nov 2018 22:04:31 +0100
Guido Vranken reported that the glibc implementation of if_nametoindex
would not close an internal descriptor when processing a long interface
name.  This error condition can be triggered via the getaddrinfo
function (and at least one HTTP client library).

  <https://sourceware.org/bugzilla/show_bug.cgi?id=23927>

Fixed with this upstream commit:

commit d527c860f5a3f0ed687bd03f0cb464612dc23408
Author: Florian Weimer <fweimer () redhat com>
Date:   Tue Nov 27 16:12:43 2018 +0100

    CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

The vulnerability was introduced in commit
2180fee114b778515b3f560e5ff1e795282e60b0 ("Check length of ifname before
copying it into to ifreq structure."), fixing bug 22442 for glibc 2.27.
Since this addressed a compiler warning with GCC 8, this commit was
backported to quite a few release branches.

Thanks,
Florian
Previous By Date Next
Previous By Thread Next

Current thread: