Date: Thu, 29 Oct 2015 17:45:21 -0700 From: akuster <akuster@...sta.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org, Florian Weimer <fweimer@...hat.com> Subject: Re: CVE Request: Glibc Pointer guarding weakness On 10/15/2015 01:08 AM, Florian Weimer wrote: > On 09/05/2015 06:49 PM, Hector Marco-Gisbert wrote: >> Hello, >> >> A weakness in the dynamic loader have been found, Glibc prior to 2.22.90 >> are affected. The issue is that the LD_POINTER_GUARD in the environment >> is not sanitized allowing local attackers easily to bypass the pointer >> guarding protection on set-user-ID and set-group-ID programs. >> >> >> Details and PoC at: >> http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html >> >> >> A patch is already sent to Glibc maintainers. This issue is similar to >> http://hmarco.org/bugs/CVE-2013-4788.html but now affect to dynamic >> linked applications. > >> Could you please assign a CVE ? Did I miss the assignment or this does not warrant a CVE? - armin > > Upstream commit: > > https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a014cecd82b71b70a6a843e250e06b541ad524f7 > > Florian >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ