Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 14 Feb 2017 19:43:32 +0100
From: Moritz Muehlenhoff <>
Subject: Re: Pending CVE requests for glibc

On Tue, Sep 08, 2015 at 01:02:44PM +0530, Huzaifa Sidhpurwala wrote:
> I could not help but notice, some glibc security issues were not
> assigned CVE ids.

Blast from the past :-)

I re-submitted this via the new MITRE webform and this got assigned
within a few hours. Here's the assignments looped back to oss-security:

> 1. glibc: multiple overflows in strxfrm()
> Integer overflow when computing memory allocation sizes (similar to
> CVE-2012-4412) was reported [1] in glibc strxfrm() function. Attached
> strxfrm-int32.c should trigger this issue on a 32-bit systems.
> Additionally, it was discovered [1] that strxfrm() falls back to an
> unbounded alloca if malloc fails making it vulnerable to stack-based
> buffer overflows (similar to CVE-2012-4424). Attached strxfrm-alloca.c
> should trigger this issue.
> Previously a request was made via:


> 2. glibc: _IO_wstr_overflow integer overflow
> An integer overflow flaw, leading to a heap-based buffer overflow, was
> found in glibc's _IO_wstr_overflow() function. If an application used
> this function, it could cause the application to crash or, potentially,
> execute arbitrary code with the privileges of the user running the
> application.


> 3. glibc: potential denial of service in internal_fnmatch()
> It was reported [1] that when processing certain malformed patterns,
> fnmatch can skip over the NUL byte terminating the pattern.  This can
> potentially result in an application crash if fnmatch hits an unmapped
> page before encountering a NUL byte.
> Previously a request was made via:


> 4. glibc: potential denial of service in pop_fail_stack()
> A crash was reported [1] during glibc extended regular expression
> processing. No known patch exists at the time of writing.



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ