Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Jan 2016 09:33:19 -0500 (EST)
From: cve-assign@...re.org
To: gustavo.grieco@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: out-of-bounds write with cpio 2.11

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> in the parsing of cpio files
> 
> AddressSanitizer: heap-buffer-overflow
> WRITE of size 2
> 
> util.c:1392 cpio_safer_name_suffix

Use CVE-2016-2037.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWoj0bAAoJEL54rhJi8gl5AHUP/RkKp+uneF867005iGi48jaF
VpkwLC6mGHB/xFRvMCi1JQIHbtWY2sjaCxhNeBtLrQ2T6rp+ob+L2OORnbT3lyJe
5qPSgp5mxFhlyWOJESoT8Hvla3AYpbkzb2vN1IrHvFgyFstRUjwvTdFv/Pup7En7
B8jbbLNUsgFlAO7orTd9jLi4CrZTVyy1qOb9E7cs7hwPyyvWRaxQWOmR27gjr9Vx
1MWh5L7v8VFvE4zP9AvVH+o3jId3LKoQyiwPc9+mHJcEDk6a1O+me/bXaDufcMN1
k5orCuAq1GJ71MAbCFYbO7A/xZic8gUZ6nOzeLcSAWZALP9XJrX93ZF74ldcl165
MrX6js5WXAE81jXCCWDlBj+ee7A5OazgCRTrSxSIjYfQU94oSKBch56fXwC1yS+M
htjPXgs2ILv/HmFDWgxZpipdFuFSBqboHc8kjq0dA+6a3C7iRqsXzLHU9MGJsGiH
lfBfDYMcBbb7rE9ryBAomV7jq9BD6xoaKTYXIjQ4ynrJxOY1jfn0mITPltikEF8/
iOkgg3s9oZbY5DPwVfae7n6gPvpcQPJl9guEpGdmRrgW85NNUf6goDrgTIokwdoZ
HCnTSwjv8i1Wg3tqvt6kvy0ssWAe0GwGCbgJyBmp/sq/LXb2TZ/XTG/a94scX40D
p67V2HPHK+2GL8/v32B/
=Vsja
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ