Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 14 Mar 2014 23:35:40 +0800
From: Qixue Xiao <s2exqx@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE request for a bug in gnu coreutils 8.22

I am not sure whether this needs a CVE.


this bug will result an illegal memory access, which may be leak
information without authority.

and the author had fixed it after my report.

please see:
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16855


### Bug overview

    shuf -er or shuf -eer [ segment fault]
    impact [coreutils 8.22 ]

```
[15:03:59]xqx <at> server:~/data/xqx/projects/coreutils-8.22$
./obj-gcov/src/shuf -er
Segmentation fault (core dumped)

```

thanks
.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ