Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 1 May 2016 22:10:11 +0200
From: Gustavo Grieco <gustavo.grieco@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Jansson: stack exhaustion parsing a JSON file

Hi,

A crash caused by stack exhaustion parsing a JSON was found. It affects, at
least version 2.5 as well as the last git revision. Technical details and a
reproducer are available here:

https://github.com/akheron/jansson/issues/282

This crash was found by QuickFuzz working with Radamsa (again caused the
extreme mutation). It was manually minimized later.

Regards,
Gustavo.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ