Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 3 Nov 2015 13:40:30 +0100
From: Kristian Fiskerstrand <kristian.fiskerstrand@...ptuouscapital.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE Request: pycurl use after free fixed in version 7.19.5.2

Dear all,

pycurl reports fixing a use after free in version 7.19.5.2[0]

* Fixed a use after free in HTTPPOST when using FORM_BUFFERPTR with
  a Unicode string (patch by Clint Clayton).

This seems to be in the file src/easy.c fixed in commit
602f8e364634d386524f0396e962c2c9de0536a9[1]

I haven't looked into the code in any detail for exploitability, but
my understanding is that use-after-free generally gets assigned a CVE
based on CWE 416[2], if so may you please assign a CVE to this issue?

References:
[0] https://github.com/pycurl/pycurl/blob/master/ChangeLog
[1]
https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
[2] http://cwe.mitre.org/data/definitions/416.html

-- 
----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"At 18 our convictions are hills from which we look; At 45 they are
caves in which we hide."
(F. Scott Fitzgerald)


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ