Date: Wed, 17 Aug 2016 23:30:14 -0400 (EDT) From: cve-assign@...re.org To: peter@...e-magic.net Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request for buffer overrun in CHICKEN process-execute and process-spawn posix procedures -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html > I would like to request a CVE for a buffer overrun that > was detected in CHICKEN Scheme's "process-execute" and > "process-spawn" procedures from the posix unit. > > CHICKEN preallocated an argument array of ARG_MAX items (or 256 if > that was undefined), and an environment array of ENV_MAX items > (or 1024 if that was undefined), and did not verify that the arguments > or environment lists were less than this size, resulting in a buffer > overrun if these lists were longer. Use CVE-2016-6830. > The bugfix also fixed a memory leak in the same piece of code, which > could potentially be used to cause resource exhaustion/denial of > service situation. >> a memory leak existed in this code, which would be >> triggered when an error is raised during argument and environment >> processing (e.g., if one of the arguments wasn't a string). > Does this warrant another CVE? Yes, use CVE-2016-6831 for the memory leak. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXtSRnAAoJEHb/MwWLVhi21jEQAKZvWLvq/uy2d4j31FTcH3Sx OjM5j9I+2/szLaexJcEHjQGLUL34NDem+CEizZa1lU2NXKFFlYYXE8CGDGtVyvG9 M21Dxfq6QiSJv6WacORbLawUK6txSfBajOBu+DL36lr+Y6FSejh5zxwg/97E1Z97 J+bpICS96zSUDx21rTVj6a7AT+C48vHsGXdZ214yiui6Grs1UjKEwbyJvYONJnEh qaUfZwxd1DMrp9mYLbTzC7YoaA8cpK4pa2XMj866Ek9zqd55W+IFrxTg7bapHrRY elZdeTuXyg4POQ/ZJFUkkRVUZt5Dfa5r2nhG6O6oYxCNIWcjCwNkEH3vy8Fqnstp 60tAC2Plt/F58Or5rcgBMIPckf01rolGj23EOCKihuAqZC8iXyisaTWC80Bzvx9P 9L3RBU4p956GpRvDyMONdq30bGgI5ICtpV6yJUgiuMIR3npoCkZqH8/ONSrxZjdj jPeikuZNGpzRmDqiKijG8PqXutTlnxNqiZ2sntFIzEgMrRYLtpaEqkXGJBOJiF/v NiVOPbvlnVNfkbLBj4MjFwhxD10a8Nb+VuIUJaSVAEUszFlpTCiA/cj1t3ZZb5MG bPumWrj0+22vn+C2V3KVlsevP8co68ggxydx2RYsbJ2gEQ7gkM904HFNkPfk1ZS2 CpJ18WYaF6DGQvTX6wie =BpnE -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ