[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Use after free in monit / _handleEvent
From: Hanno =?iso-8859-1?q?B=F6ck?= <hanno () hboeck ! de>
Date: 2018-12-23 8:31:30
Message-ID: 20181223093130.77312548 () computer
[Download RAW message or body]
Hi,
There's a use after free in monit that shows up if you run it for a
while on an active system with address sanitizer enabled.
I reported this in august:
https://bitbucket.org/tildeslash/monit/issues/764/use-after-free-in-function-_handleevent
Fix is here:
https://bitbucket.org/tildeslash/monit/commits/5827927c4623
The fix is unreleased, the current version (5.25.2) is still affected.
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic