Message-ID: <4f2c7f2f-ad50-4c1b-b48b-17f287cdd043@oracle.com>
Date: Tue, 12 Nov 2024 10:09:53 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2024-52533: Buffer overflow in socks proxy code in glib < 2.82.1

Another CVE was issued by Mitre yesterday for another bug listed on
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

https://gitlab.gnome.org/GNOME/glib/-/issues/3461 reports that:

  "set_connect_msg() receives a buffer of size SOCKS4_CONN_MSG_LEN but it
  writes up to SOCKS4_CONN_MSG_LEN + 1 bytes to it. This is because
  SOCKS4_CONN_MSG_LEN doesn't account for the trailing nul character that
  set_connect_msg() appends after the hostname."

The fix was made by
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4281
which was then backported to the glib-2.82.1 release made on Sep. 19.

https://www.cve.org/CVERecord?id=CVE-2024-52533 says that NVD has assigned
a CVSS score of 9.8, but https://access.redhat.com/security/cve/CVE-2024-52533
suggests a score of 7.0 instead.

-- 
-Alan Coopersmith-    alan.coopersmith@...cle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
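
The sizing mistake quoted in the report, as an added C example that is not part of the original message and is not glib's code: a SOCKS4a CONNECT builder that counts both NUL terminators and refuses to write when the caller's buffer is one byte short. All `EX_`/`ex_` names, the 255-byte limit and the 8-byte header layout used here are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical limits and names for this sketch; not glib's definitions. */
#define EX_MAX_LEN 255            /* max user name / hostname length */
#define EX_HDR_LEN 8              /* version, command, port(2), address(4) */
/* Sized without the NUL after the hostname: the pattern in the report. */
#define EX_MSG_LEN_SHORT (EX_HDR_LEN + EX_MAX_LEN + 1 + EX_MAX_LEN)
/* Sized with both terminators counted. */
#define EX_MSG_LEN_FULL (EX_HDR_LEN + EX_MAX_LEN + 1 + EX_MAX_LEN + 1)

/* Build a SOCKS4a CONNECT request in buf (capacity cap).
 * Returns the bytes written, or -1 if the message would not fit. */
long ex_build_connect(uint8_t *buf, size_t cap, uint16_t port,
                      const char *user, const char *host)
{
    size_t ulen = strlen(user), hlen = strlen(host), n = 0;
    if (ulen > EX_MAX_LEN || hlen > EX_MAX_LEN)
        return -1;
    /* Both strings are written with their terminating NUL. */
    if (EX_HDR_LEN + ulen + 1 + hlen + 1 > cap)
        return -1;
    buf[n++] = 4;                       /* SOCKS version 4 */
    buf[n++] = 1;                       /* command: CONNECT */
    buf[n++] = (uint8_t)(port >> 8);    /* port, network byte order */
    buf[n++] = (uint8_t)(port & 0xff);
    buf[n++] = 0; buf[n++] = 0; buf[n++] = 0; buf[n++] = 1; /* 0.0.0.1 */
    memcpy(buf + n, user, ulen + 1); n += ulen + 1;
    memcpy(buf + n, host, hlen + 1); n += hlen + 1;
    return (long)n;
}

/* Constructed worst case: maximum-length user name and hostname. */
long ex_worst_case(size_t cap)
{
    static uint8_t buf[EX_MSG_LEN_FULL];
    char user[EX_MAX_LEN + 1], host[EX_MAX_LEN + 1];
    memset(user, 'u', EX_MAX_LEN); user[EX_MAX_LEN] = '\0';
    memset(host, 'h', EX_MAX_LEN); host[EX_MAX_LEN] = '\0';
    return ex_build_connect(buf, cap, 1080, user, host);
}

int main(void)
{
    printf("short: %ld\n", ex_worst_case(EX_MSG_LEN_SHORT));
    printf("full:  %ld\n", ex_worst_case(EX_MSG_LEN_FULL));
    return 0;
}
```

Without the capacity check, the worst-case input would write exactly one byte past a buffer declared with the short size, which is the overflow the issue describes.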