Date: Sat, 21 Oct 2017 19:19:46 +0100 From: Eddie Chapman <eddie@...k.net> To: oss-security@...ts.openwall.com Subject: CVE-2017-15670, CVE-2017-15671 glibc: Buffer overflow and memory leak in glob with GLOB_TILDE Just a heads up for anyone around over the weekend ... == CVE-2017-15670 == http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670 "The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string." https://sourceware.org/bugzilla/show_bug.cgi?id=22320 https://bugzilla.redhat.com/show_bug.cgi?id=1504804 "It is possible that an attacker might use this to escalate his privileges or execute code." Upstream patch: https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=2d1bd71ec70a31b01d01b734faa66bb1ed28961f == CVE-2017-15671 == http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671 "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak)." https://sourceware.org/bugzilla/show_bug.cgi?id=22325 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15671
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.