Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 2 Feb 2017 00:59:24 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: mp3splt: NULL pointer dereference in free_options (options_manager.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2017/02/01/mp3splt-null-pointer-dereference-in-free_options-options_manager-c
> 
> AddressSanitizer: SEGV on unknown address 0x000000000000
> 
> free_options ... mp3splt-2.6.2/src/options_manager.c:61:9

Use CVE-2017-5851.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYkscIAAoJEHb/MwWLVhi2QuMQAI1wmYRXOAdKbWAu3qbjyjAb
T6US40viwx/oHi6vz/LMSeZOEOdBpCVb+p67SoZbCWtKVPkBDBdoQX6luiMM64Or
mkR1rzVD99EX+9LrNM6SGVn1JM3O/9G3WYMnPx7fkXldic/1hx826fXlV8fzQ0VN
mzxPSi60y62c9FE9oacn9gcyasI678uKkEKeEA8WzJckkyRTDkvL/See/V7krPo8
GhGy1M5yh+SUK2v5h5bgM4vgSzKECfKSeIqFS3Ziv0exOltoBmHU85HB+dDHQeLr
Zg+sQeTwn6lJ23K+lr63gQNiPW2V9zuqpK5HSsA4wP56Ri/HFh+bKJfH13Y9THdU
K0ErdvQI/29qC/FnSYpGnWmLByQWCNCBl7wjFu9fWvYz7wdNeCmnWSONoU44U2PY
p5ueXHMQHVenw5+R9a/NwsSZjo2bx9qvTnGWqtptBuw/Lo4XoVhlqu5lMd8qAzoy
pQXL9ufZU7EsMZkY97SkVhe0BumTnNhzama6gJD13EaaqSw1xSJF0qrL5cbFmY01
RsmkN+N2nsA8CNZddEkbpo2nU/DhKIs+lphd3n7alUT8x5kIfvbCP5V5cUuDdhzU
aia9elERz3ZTiJHYoa9bzjiQOaqcZmiM+IEo5S0R/eZYDZE8eAw5AiKMIzKDVbaX
w6TyohVjszylCxwbnomj
=E74c
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.