Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 25 Oct 2016 01:29:09 -0400 (EDT)
From: cve-assign@...re.org
To: ago@...too.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: libwmf: memory allocation failure in wmf_malloc (api.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> AddressSanitizer failed to allocate 0xfe769000 bytes of LargeMmapAllocator

> 0x7f7173b4d337 in wmf_malloc ... libwmf-0.2.8.4/src/api.c:482
> 0x7f7173b5d2f8 in wmf_scan ... libwmf-0.2.8.4/src/player.c:143
> 0x7f7173d6dcf7 in ReadWMFImage ... ImageMagick-7.0.3-0/coders/wmf.c:2675:13

Use CVE-2016-9011.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYDu1AAAoJEHb/MwWLVhi2VPwP/20e47SxBDB94G3os2r/E/rD
Us+bIZe+GEusNpuUoKn+Ykh9Y9/OBgUxkSacTLhETbWwInWSZcwv5Tntl/+SYQPU
e623sugwiN9TrlAAPnBstCD6lx0CndQar4mkdVrvdHqLxnGXz34D/vfdseIKpmLK
fMnAMpD3mLDF2BuwVqPdqVgoDV7ieD9rSZ8JWIJFsJIHm1qxtjMoAOKcyddBtYo9
kJa+LEtQGJebL8Dh5r8nEsimINscI17h803D5//U8o57BOLpleztKKDk4wVGKNJe
7L92xplVIGQ2a84SnjCcOPPAc2p4gSz1C3CQjDKTh3kmnuFzLB/VVOIgzwLtpeBN
oF6LUK5WLx36/V9RW4Yrk7ilFudIFzW+kg/1cE4P4+zE/LItwPSGF4y5PfvLsEQB
2deI2cV+pIzNBLIUOtx4M+4d0+vjzXW+NmrVUCKmdoBAKtvXi1OBmDjN/NN8U1A5
dBugmmfZ95Yzw2Yv96UVQ7YNxzUjjQxcP2I6ufKAOa99oKm/mWUAsb2p8bgrnNZ6
kUPMfUyKrVmrgkxUSHaT5AldPm9K/JYCsiyuoU7HDCE/HSKHUKYypUK5hwEMK4xV
N3XK4Ex1wVb3drCRwXniVMpwrpGyPxSNg3T5okHmmHDn01Q600GunzzJorRDkNIV
MO66uFXEbfDaT3Gz2hd2
=Xe0u
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ