[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2017-15670, CVE-2017-15671 glibc: Buffer overflow and memory leak in glob with GL
From: Eddie Chapman <eddie () ehuk ! net>
Date: 2017-10-21 18:19:46
Message-ID: 4eb93d94-2788-3d38-06e7-53cfe9d43a52 () ehuk ! net
[Download RAW message or body]
Just a heads up for anyone around over the weekend ...
== CVE-2017-15670 ==
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670
"The GNU C Library (aka glibc or libc6) before 2.27 contains an
off-by-one error leading to a heap-based buffer overflow in the glob
function in glob.c, related to the processing of home directories using
the ~ operator followed by a long string."
https://sourceware.org/bugzilla/show_bug.cgi?id=22320
https://bugzilla.redhat.com/show_bug.cgi?id=1504804
"It is possible that an attacker might use this to escalate his
privileges or execute code."
Upstream patch:
https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=2d1bd71ec70a31b01d01b734faa66bb1ed28961f
== CVE-2017-15671 ==
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671
"The glob function in glob.c in the GNU C Library (aka glibc or libc6)
before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated
memory when processing the ~ operator with a long user name, potentially
leading to a denial of service (memory leak)."
https://sourceware.org/bugzilla/show_bug.cgi?id=22325
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15671
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic