Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue,  3 Nov 2015 15:03:28 -0500 (EST)
From: cve-assign@...re.org
To: honey@...ernot.info
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: libsndfile DoS/divide-by-zero

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Date: Wed, 24 Dec 2014 23:36:00 +1100
> 
> I found a divide by zero bug in libsndfile.
> Could I get a CVE-ID for this?

> https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6

> + if (bytes == 0 || items == 0)
> +         return 0 ;

Use CVE-2014-9756.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWORI1AAoJEL54rhJi8gl5fJwP/An9dn4fffHVYuO9ULtk6wTv
Q00kp5m6fOMta6BzLRR/f5VG1LhnvV3+GgvNdo0s+2to9FKrQ8iKcYa0YIzqBtDy
5ygBV+ZqSrL3dfXGSzbskMZk8aXVh/S2W5WwAA5R5xikv19joANygHIbySZySLXB
9okZ3iRTIfCPEYYYu3GojgXzpNFin849v5Xgzmzk5izGhHoC8HdzBx3KVqIGvOgG
HY5jYRCD2ySgdl7ycIWg9mWOj0qUpkwM9qz4PVIah1XcMWpFPOnLh9dmbOQhOMQ8
OybYFiIH1Zp8Cghjy1OAHU+cegHSfgm+Tj/e9iDnIsa0plXFJjHdlKEHCAA2txcR
WnGoI7yQ3Iu927/u8hKi0aMHRMW9BanH2vaUQSz3YlcPv0foL+eKBG/cVcyDlm5K
BHeROjFLpzJroQyUzF5KyL5fU3MvGn6OfMoGFkBxNMhu7SWWzVVoNH4fzPryH0zd
OUnqe0lKb/MqmWlm7SWU1ZSShn9LbFMzHjQq4pLUH5CkNnprE+avLDfxpCbTIC9m
IfT40CplEIg6iwTC9Tq4jLtNrTQcKY5XblQK39oZ6AvobFzedcNFMPNEwp6WkeGk
g+xfpdAEjOCIJX3W9xE0PB3TpvkmU8HJTYMGHHnEGv6iHQ8Ay0BSan0/d0FeCbm0
hmeZzEvGDwep3P/OyKyx
=HRSj
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ