Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 22 Sep 2016 16:06:09 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Cc: "cve-assign@...re.org" <cve-assign@...re.org>
Subject: Re: CVE Request: VLC: Potential divide-by-zero issue

On Thu, Sep 22, 2016 at 07:12:32AM +0000, ajax secure wrote:
> Hi
> 
> Xiangkun Jia has discovered a divide-by-zero in VLC, which makes the application crashed and may be caused by buffer overflow. The fix is in
> 
> http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=85a64e10d665edf8a29526543b5c6fd4923437fd
> 
> Can you assign a CVE for this issue? Thank you.

Crashes without the potential for code injection in enduser applications
usually don't receive CVE ID assignments.

Cheers,
        Moritz

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.