Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 13 Apr 2014 07:40:31 +0000
From: mancha <mancha1@...o.com>
To: oss-security@...ts.openwall.com
Subject: Re: Use-after-free race condition,in OpenSSL's read
 buffer

On Sun, Apr 13, 2014 at 10:44:54AM +0400, Solar Designer wrote:
> On Sat, Apr 12, 2014 at 09:47:49PM -0600, Scotty Bauer wrote:
> > Patch is available at:
> > http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch
> 
> Some context to this:
> 
> http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
> 
> This specific patch is found in Benson Kwok's bug report:
> 
> https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest

A little more context:

This is effectively a NOP unless OpenSSL is compiled with
-DOPENSSL_NO_BUF_FREELIST. Here's another ticket with a
similar solution:

https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest

--mancha

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ