Date: Fri, 29 Aug 2014 14:24:26 +0200 From: Florian Weimer <fweimer@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE request: glibc character set conversion from IBM code pages In 2012, a crasher in IBM930 decoding was reported and fixed: <https://sourceware.org/bugzilla/show_bug.cgi?id=14134> <https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=6e230d11837f3a> This change went into glibc 2.16. Today, Adhemerval Zanella Netto reported in additional code page decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364): <https://sourceware.org/bugzilla/show_bug.cgi?id=17325> <https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html> Upstream commit is still pending. These crashers are out-of-bounds reads at a fixed offset relative to the data segment of a DSO, and in all cases I've seen, they were right in the middle of an unmapped segment of the same DSO. This means that these bugs are just crashers, but they can still result in denial-of-service conditions. Since the affected version ranges are not identical, this needs two separate CVE identifiers, probably one from 2012 and one from 2014. -- Florian Weimer / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ