Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Sep 2015 16:52:45 -0400 (EDT)
From: cve-assign@...re.org
To: gustavo.grieco@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: DoS in libtiff

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> We found a DoS using a crafted tiff file that causes a OOM kill

> If you run it with ltrace, you can see some very large reallocs

Use CVE-2015-7313.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWAbzpAAoJEL54rhJi8gl5+bQP/i/xWz22LGpaKlwEHRLLUbml
8wIlyokkQMyxF5JfmND/2bvr7P0RisaYCr93C0Mdmvob/l2ht8FVHdruGwy+nHq2
aLFO/q4odopAGjT/UdIaI4j+M9AbHWKuuielfxX87RalCLbz8Lv2Ny7hoTnyVlAK
th0Vvz8bdVeEn6EXU2iEtXjtmh+tV+e8NL+Csvkp7A/FLAJneadgVhR0m+qlVNBA
YT/PP0SeQ9e3Zlyv8UVKazGvV4LgqjrrS/kg9mk8FRmm/oCgpkNM3/VuS2Xn5CSM
fmWju1e5iJur+lIRD7NCWexipzelM/9BxYi07uxH2ZmC1zwCckblUqlJDHVIpLrU
DHbVhGsBzBk3n49TiQgh3G8q5Df9CpPqiMozANCnI13tA8IU+nE6et6toQOtiX0b
UyAuNEG7m/1HqbG4f6sSXfJXAujDZXJRAERU7VPVBxMlwvh8fIwR4d+rsrMyuC7w
6RusT0Gv2yYetBJgbzCcktqu7DcBKKG9NN2Cndhc7v9yV4utdZ+bxhOi77no3BFt
OdlOtrx0Y8wd/c8bG5JNvzSOHZhGmZD1hU5aUQJtu0izBbKG598jW0BdtBmG8ZQH
fSn+Wuw49iC9VyJ6Cs9t4pRX6kGh4CW3EkiOnyKjFF+UQdcdAAV+hWVvAcJfEtAY
qiVsVTUHJxNOaBsqJvlp
=o1Fp
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ