Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 14 Aug 2016 12:50:11 +0200
From: Peter Bex <peter@...e-magic.net>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: CVE request for buffer overrun in CHICKEN process-execute and
 process-spawn posix procedures

Hello all,

I would like to request a CVE for a buffer overrun that
was detected in CHICKEN Scheme's "process-execute" and
"process-spawn" procedures from the posix unit.

CHICKEN preallocated an argument array of ARG_MAX items (or 256 if
that was undefined), and an environment array of ENV_MAX items
(or 1024 if that was undefined), and did not verify that the arguments
or environment lists were less than this size, resulting in a buffer
overrun if these lists were longer.

The full announcement can be found here:
http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html

The bugfix also fixed a memory leak in the same piece of code, which
could potentially be used to cause resource exhaustion/denial of
service situation.  Does this warrant another CVE?

The bug affects all releases of CHICKEN up to and including 4.11.

Cheers,
Peter Bex

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ