Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sat, 15 Oct 2016 22:49:12 -0400 (EDT)
From: cve-assign@...re.org
To: ago@...too.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2016/10/04/libdwarf-heap-based-buffer-overflow-in-_dwarf_get_abbrev_for_code-dwarf_util-c/

> AddressSanitizer: heap-buffer-overflow ... READ of size 1
> libdwarf/dwarf_util.c:624:43 in _dwarf_get_abbrev_for_code

> https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2

Use CVE-2016-8680.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYAudXAAoJEHb/MwWLVhi2ohsP/1Cco5DxH5s7xrI2OQ5S3npL
a4i0ykWBel0oObYzllOxCErUKsIRwgHuL59kMcKyYfiMf4StxpRRoCKXN0UJUPjG
jzyvJCrDwv3/yPfioei4oixSqoonDPnnMso/5+mTJEE5Swo+iLIpH8JRUBQhmPNs
JUl/NutBuTxlLqw9dXbo1Cb6JDrB1bRdlVXVonqqZ+ymk+RE3EtozsEA0ePKqnBK
41BMl/uwO8Ue1pCbdIFGbhuQieFJbYKASWJV6gK6zyx8J+W6pRjT9b8yWvDVfejO
kLLR0NyZni5powlZ8w+2Eyeb/zaLJlSQus+4vwEhTbbIMJkqtxCiFj46ksS2ty0Y
1x6fbW1/fHd5251NQp8uTl+1u3mhHpat5D9UABq5tPutLDRsASGvzkPIDi3GLHbi
M0I6lajCrptz3b6YgqyPOprAMlSUPS06T/9rcTC7I3GfGL/WN8klBgwmolrVdifj
RjlvQxWFnVi1JDKSodj9hbxcz3g6IFOSKyACuvdXph+943c6yYm3ZFb6GVQtZbsI
Zl9CvCmpM7rhE/Yc02EQeqPN73myVtdJHZiU3EAlxD9+ShlzmXoSkXrZoNucBb6x
LaA3v+xv1hePJkxsC3Ut/S99F5R/A6s0XGLuDSIQlSCr/Qs9vyzr7GNygVHmTYFd
jc7kJQ4SsHC12NUfqejb
=cKdI
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.