Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Jan 2017 20:44:12 +0530
From: Dileep Kumar <dileep.chinu@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: MUJS null pointer dereference and Heap buffer overflow write

Hi,

The details of the two bugs found in MUJS (https://github.com/ccxvii/mujs)
are as follows :

1. Null pointer dereference in regexp.c

    The return value from malloc is not properly checked before
dereferencing it which can result in a crash.

     More details on the bug in the bug report at:
     https://bugs.ghostscript.com/show_bug.cgi?id=697381

     This has been fixed by the MUJS team in the commit:
http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73
156496e569

2. Heap buffer overflow write in jsrun.c: js_stackoverflow()

    There was a logical error in the code which can be used to trigger a
heap overflow write.

    More details on the bug in the bug report at:
    https://bugs.ghostscript.com/show_bug.cgi?id=697401

    The same has been fixed by the MUJS team in the commit:
http://git.ghostscript.com/?p=mujs.git;a=commit;h=
77ab465f1c394bb77f00966cd950650f3f53cb24

Both bugs are found by Dileep Kumar Jallepalli using AFL. Please kindly
assign CVEs if suitable.

Thanks,
Dileep Kumar Jallepalli

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ