Date: Mon, 29 Jun 2015 12:52:13 -0400 From: Giancarlo Canales <gcanalesb@...com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Cc: "cve-assign@...re.org" <cve-assign@...re.org> Subject: CVE request: Stack overflow in redcarpet's header_anchor After examining the redcarpet source code, I noticed that header_anchor uses variable length arrays (VLA) without any range checking. This is conducive to a stack overflow, followed by the potential for arbitrary code execution. Redcarpet is a Markdown parser library. I'm requesting a CVE number for this vulnerability. Title: Stack overflow in redcarpet's header_anchor Products: redcarpet Affects: v3.3.0 - v3.3.1 Type: Stack overflow First CVE request: Yes Fixed: Yes, v3.3.2 Fix: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb Changelog: https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md Thanks, Giancarlo Canales Barreto
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ