Date: Sun, 26 Oct 2014 23:44:49 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: Re: strings / libbfd crasher

On Sun, 26 Oct 2014 18:05:01 -0400 (EDT), cve-assign@...re.org wrote:

> There is currently no CVE ID for the
> psa-dont-run-strings-on-untrusted-files.html "0xdeadbabe October 25,
> 2014 7:20 PM" comment about "another one related with PE file headers
> parsing." In general, a separate discovery that's potentially
> exploitable for code execution could have its own CVE ID. Does anyone
> want a CVE ID for that?

The information in the comment is a bit scarce, it seems he hasn't
published his sample (?).

Anyway I checked the radare2-testsuite he was pointing to and found a
crasher in the PE parser, I don't know if this is the same one, but I
reported it upstream:
https://sourceware.org/bugzilla/show_bug.cgi?id=17512

As this is a write to uninitialized memory it seems to me a CVE is
deserved.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42