Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 17 Aug 2016 23:30:14 -0400 (EDT)
From: cve-assign@...re.org
To: peter@...e-magic.net
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request for buffer overrun in CHICKEN process-execute and process-spawn posix procedures

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html

> I would like to request a CVE for a buffer overrun that
> was detected in CHICKEN Scheme's "process-execute" and
> "process-spawn" procedures from the posix unit.
> 
> CHICKEN preallocated an argument array of ARG_MAX items (or 256 if
> that was undefined), and an environment array of ENV_MAX items
> (or 1024 if that was undefined), and did not verify that the arguments
> or environment lists were less than this size, resulting in a buffer
> overrun if these lists were longer.

Use CVE-2016-6830.


> The bugfix also fixed a memory leak in the same piece of code, which
> could potentially be used to cause resource exhaustion/denial of
> service situation.

>> a memory leak existed in this code, which would be
>> triggered when an error is raised during argument and environment
>> processing (e.g., if one of the arguments wasn't a string).

> Does this warrant another CVE?

Yes, use CVE-2016-6831 for the memory leak.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXtSRnAAoJEHb/MwWLVhi21jEQAKZvWLvq/uy2d4j31FTcH3Sx
OjM5j9I+2/szLaexJcEHjQGLUL34NDem+CEizZa1lU2NXKFFlYYXE8CGDGtVyvG9
M21Dxfq6QiSJv6WacORbLawUK6txSfBajOBu+DL36lr+Y6FSejh5zxwg/97E1Z97
J+bpICS96zSUDx21rTVj6a7AT+C48vHsGXdZ214yiui6Grs1UjKEwbyJvYONJnEh
qaUfZwxd1DMrp9mYLbTzC7YoaA8cpK4pa2XMj866Ek9zqd55W+IFrxTg7bapHrRY
elZdeTuXyg4POQ/ZJFUkkRVUZt5Dfa5r2nhG6O6oYxCNIWcjCwNkEH3vy8Fqnstp
60tAC2Plt/F58Or5rcgBMIPckf01rolGj23EOCKihuAqZC8iXyisaTWC80Bzvx9P
9L3RBU4p956GpRvDyMONdq30bGgI5ICtpV6yJUgiuMIR3npoCkZqH8/ONSrxZjdj
jPeikuZNGpzRmDqiKijG8PqXutTlnxNqiZ2sntFIzEgMrRYLtpaEqkXGJBOJiF/v
NiVOPbvlnVNfkbLBj4MjFwhxD10a8Nb+VuIUJaSVAEUszFlpTCiA/cj1t3ZZb5MG
bPumWrj0+22vn+C2V3KVlsevP8co68ggxydx2RYsbJ2gEQ7gkM904HFNkPfk1ZS2
CpJ18WYaF6DGQvTX6wie
=BpnE
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ