Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 17 Apr 2014 08:01:46 -0400
From: Marc Deslauriers <>
Subject: Re: CVE Request: systemd stack-based buffer overflow
 in systemd-ask-password

On 14-04-17 07:39 AM, Marc Deslauriers wrote:
> Hello,
> From the Red Hat bug:
> A stack-based buffer overflow was found in systemd-ask-password, a utility used
> to query a system password or passphrase from the user, using a question message
> specified on the command line. A local user could this flaw to crash the binary
> or even execute arbitrary code with the permissions of the user running the program.
> Bug report:
> Fix:
> Could a CVE please be assigned to this issue?

Actually, never mind that request...crashing your own prompt isn't a security issue.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ