oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Use after free in monit / _handleEvent

From: Hanno Böck <hanno () hboeck de>
Date: Sun, 23 Dec 2018 09:31:30 +0100
Hi,

There's a use after free in monit that shows up if you run it for a
while on an active system with address sanitizer enabled.

I reported this in august:
https://bitbucket.org/tildeslash/monit/issues/764/use-after-free-in-function-_handleevent

Fix is here:
https://bitbucket.org/tildeslash/monit/commits/5827927c4623

The fix is unreleased, the current version (5.25.2) is still affected.


-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Previous By Date Next
Previous By Thread Next

Current thread: