Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 03 Feb 2015 22:34:14 -0500
From: Daniel Micay <danielmicay@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE request: heap buffer overflow in glibc
 swscanf

> Here, it seems that the goal of the policy is risk management for use
> of alloca. This is security relevant for some applications that use
> glibc, because it could (for example) allow a denial of service attack
> that's intended to trigger a failed alloca. There was one intended
> policy, and the the incorrect "__libc_use_alloca (newsize)" caused a
> different (and weaker) policy to be enforced instead.
> 
> Use CVE-2015-1473 for this risk-management error.

alloca isn't checked if -fstack-check isn't used, and most distributions
don't use it. There's a good chance that a guard page will be hit but no
guarantee without -fstack-check.


Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ