Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 31 Jan 2017 10:17:27 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: mp3splt: invalid free in free_options (options_manager.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c
> 
> AddressSanitizer: attempting free on address which was not 
> malloc()-ed

> free_options mp3splt-2.6.2/src/options_manager.c:67:9

Use CVE-2017-5666.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYkKj6AAoJEHb/MwWLVhi2I5IQAKIqRlQDOlDi3vBVbyHS/7uj
rVKO/et4VVkB5+vh3mAt7TmeuU9kvkUefMlnGe6MREI1aqQhxEXJkspLGZsr2vWJ
wLFPlvbb1c5+bC194ZSGn1Ad29DbqxLVFJ8569Mxggo314RjzDEXn1deMLybIlx2
e6SRJ8c6YRAtoIvTQ9e+yr3YXMKTGnqzjpbdbuu/bX6AS/Th5/OLqWBBvkdX9hic
+JiPyL0V5D0XAdTRuZbKf8SZQ6FoigR+oMbAPznQ51Ewgcxu+WVbWi16OzvWzjYM
/j6ksokUlJ4vUOHkzr/Mm/h0+agYrJWIbZzVRaX/8WVlmUCMHXiErzHLO5WQCTE4
ebPbR1bQ31a3EbClP/B8U3CfWsQI7v4jdCAIMpsO5t+JTSqOw+1pQZ0CelPgIpRF
z/QbW0AU4WCcztglgMfAN0SRe2Osa9KICNJi4x+b9nyhyGDz89CU0GFyNJP9rQ08
HsK0bs+MAtlI/zg+x2KUeFuAn5/KsyZk4UxIWaArD/hFNy/8ZMxu1t82dCjzMoBt
q0731wugv1T8TdVuQE295KyZ2g1960FHHH/UQGTondbloZYbPaw+EtHHlrkk/Ce0
r2/mL14FmCWoqWulZlKNnPebDJtKEpnwwR332Jkfumk1fAuDP/QQScBmewYHRKls
7MyqXS/LzRjMYU+GDmlw
=qRBe
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ