This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug network/18287] New: (CVE-2015-1781)
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Tue, 21 Apr 2015 11:50:35 +0000
- Subject: [Bug network/18287] New: (CVE-2015-1781)
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=18287
Bug ID: 18287
Summary: (CVE-2015-1781)
Product: glibc
Version: 2.20
Status: NEW
Severity: normal
Priority: P2
Component: network
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
Flags: security+
Arjun Shankar of Red Hat discovered that the nss_dns code does not adjust the
buffer length when the buffer start pointer is aligned. As a result, a buffer
overflow can occur in the implementation of functions such as gethostbyname_r,
and crafted DNS responses might cause application crashes or result in
arbitrary code execution.
This can only happen if these functions are called with a misaligned buffer. I
looked at quite a bit of source code, and tested applications with a patched
glibc that logs misaligned buffers. I did not observe any such misaligned
buffers.
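The report describes a start pointer being rounded up for alignment while the buffer length stays unchanged. The C sketch below is an added illustration, not glibc's code: `struct host_data_example`, the helper names and the 512-byte caller buffer are constructed for the example. It computes how far the believed-usable region extends past the real buffer end, without writing out of bounds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a structure placed at the start of the caller's buffer. */
struct host_data_example { char *aliases[4]; unsigned char addr[16]; };
#define ALIGN _Alignof(struct host_data_example)

struct region { char *start; size_t len; };

/* Bytes needed to round p up to the next multiple of align. */
static size_t align_pad(const char *p, size_t align) {
    return (align - (uintptr_t)p % align) % align;
}

/* Pattern from the report: start pointer is aligned, length is left unchanged. */
static struct region align_unadjusted(char *buf, size_t buflen) {
    struct region r = { buf + align_pad(buf, ALIGN), buflen };
    return r;
}

/* Hardened form: the length shrinks by the padding, or to zero if it does not fit. */
static struct region align_adjusted(char *buf, size_t buflen) {
    size_t pad = align_pad(buf, ALIGN);
    struct region r = { buf, 0 };
    if (pad < buflen) { r.start = buf + pad; r.len = buflen - pad; }
    return r;
}

/* Bytes by which the region the callee believes it owns runs past the real end. */
static size_t overrun(const char *buf, size_t buflen, struct region r) {
    uintptr_t real_end = (uintptr_t)buf + buflen;
    uintptr_t believed_end = (uintptr_t)r.start + r.len;
    return believed_end > real_end ? (size_t)(believed_end - real_end) : 0;
}

/* Constructed caller: a 512-byte buffer handed over at offset `misalign`. */
size_t demo_overrun(size_t misalign, int hardened) {
    static _Alignas(struct host_data_example) char storage[512 + 16];
    char *buf = storage + misalign;
    struct region r = hardened ? align_adjusted(buf, 512) : align_unadjusted(buf, 512);
    return overrun(buf, 512, r);
}

int main(void) {
    printf("misaligned, length kept:  overrun %zu\n", demo_overrun(1, 0));
    printf("misaligned, length fixed: overrun %zu\n", demo_overrun(1, 1));
    return 0;
}
```

With an already aligned buffer both variants report zero, which matches the report's statement that the problem needs a misaligned caller buffer.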