Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 31 Jul 2014 11:34:24 +0200
From: Florian Weimer <>
Subject: Re: Re: [CVE request] Array allocation fixes in libgfortran

On 07/24/2014 04:08 AM, wrote:
> Hash: SHA1
>> several CVE-2002-0391-style integer overflows in array allocation in
>> libgfortran
> Use CVE-2014-5044.

Thanks.  The fixes have been backported to GCC 4.8 and 4.9:

> It seems fairly clear that there is only one CVE ID needed. However,
> can you clarify what definition of "CVE-2002-0391-style integer
> overflows" you were using? We think you might mean:
>    - any integer overflow caused by multiplying the number of elements
>      in an array by the size of a single element
>    - this includes, but isn't limited to, cases where the array
>      elements represent arguments

The first, combined with the fact that the overflowing calculation is 
used to compute byte sizes for memory allocation purposes.

Florian Weimer / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ