Bug 17933 (CVE-2015-1473) - Stack overflow in swscanf (CVE-2015-1473)
Summary: Stack overflow in swscanf (CVE-2015-1473)
Status: RESOLVED DUPLICATE of bug 16618
Alias: CVE-2015-1473
Product: glibc
Classification: Unclassified
Component: stdio
Version: 2.21
Importance: P2 normal
Target Milestone: 2.22
Assignee: Not yet assigned to anyone
Depends on:
Reported: 2015-02-06 08:17 UTC by Florian Weimer
Modified: 2015-07-21 03:15 UTC

See Also:
Last reconfirmed:
fweimer: security-

Description Florian Weimer 2015-02-06 08:17:55 UTC
This is a placeholder bug for the second flaw in bug 16618.

From cve-assign in <http://www.openwall.com/lists/oss-security/2015/02/04/1>:

Here, it seems that the goal of the policy is risk management for use
of alloca. This is security relevant for some applications that use
glibc, because it could (for example) allow a denial of service attack
that's intended to trigger a failed alloca. There was one intended
policy, and the incorrect "__libc_use_alloca (newsize)" caused a
different (and weaker) policy to be enforced instead.

Use CVE-2015-1473 for this risk-management error.
Comment 1 Florian Weimer 2015-02-06 08:20:03 UTC
Fixed in 2.21, as part of commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06. Tracked in bug 16618; this is just a placeholder for the CVE-2015-1473 alias.

*** This bug has been marked as a duplicate of bug 16618 ***