Date: Thu, 09 Jun 2011 17:36:14 +0200 From: Jan Lieskovsky <jlieskov@...hat.com> To: "Steven M. Christey" <coley@...us.mitre.org> CC: oss-security <oss-security@...ts.openwall.com>, vladz <vladz@...zero.fr>, Josselin Mouette <joss@...ian.org>, Behdad Esfahbod <behdad@...me.org>, Christian Persch <chpe@...me.org>, Josselin Mouette <joss@...sain.org> Subject: CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences Hello, Josh, Steve, vendors, An memory exhaustion flaw was found in the way VTE, a terminal emulator widget, processed certain character sequences. A remote attacker could provide a specially-crafted file, which once opened in a terminal using the VTE terminal emulator could lead to excessive memory and CPU consumption (leading to subsequent particular process termination by OOM killer on some systems). References:  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629688  https://bugzilla.gnome.org/show_bug.cgi?id=652124  https://bugzilla.redhat.com/show_bug.cgi?id=712148 Could you allocate a CVE identifier for this? Thank you & Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.