Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <54D19336.1050307@gmail.com>
Date: Tue, 03 Feb 2015 22:34:14 -0500
From: Daniel Micay <danielmicay@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE request: heap buffer overflow in glibc
 swscanf

> Here, it seems that the goal of the policy is risk management for use
> of alloca. This is security relevant for some applications that use
> glibc, because it could (for example) allow a denial of service attack
> that's intended to trigger a failed alloca. There was one intended
> policy, and the the incorrect "__libc_use_alloca (newsize)" caused a
> different (and weaker) policy to be enforced instead.
> 
> Use CVE-2015-1473 for this risk-management error.

alloca isn't checked if -fstack-check isn't used, and most distributions
don't use it. There's a good chance that a guard page will be hit but no
guarantee without -fstack-check.


Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.