Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <5638AB3E.30209@sumptuouscapital.com>
Date: Tue, 3 Nov 2015 13:40:30 +0100
From: Kristian Fiskerstrand <kristian.fiskerstrand@...ptuouscapital.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE Request: pycurl use after free fixed in version 7.19.5.2

Dear all,

pycurl reports fixing a use after free in version 7.19.5.2[0]

* Fixed a use after free in HTTPPOST when using FORM_BUFFERPTR with
  a Unicode string (patch by Clint Clayton).

This seems to be in the file src/easy.c fixed in commit
602f8e364634d386524f0396e962c2c9de0536a9[1]

I haven't looked into the code in any detail for exploitability, but
my understanding is that use-after-free generally gets assigned a CVE
based on CWE 416[2], if so may you please assign a CVE to this issue?

References:
[0] https://github.com/pycurl/pycurl/blob/master/ChangeLog
[1]
https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
[2] http://cwe.mitre.org/data/definitions/416.html

-- 
----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"At 18 our convictions are hills from which we look; At 45 they are
caves in which we hide."
(F. Scott Fitzgerald)


Download attachment "signature.asc" of type "application/pgp-signature" (456 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.