[Bug network/22333] New: out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] New: out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

            Bug ID: 22333
           Summary: out of bounds stack read in libidn (CVE-2016-6261)
                    unpatched in libc
           Product: glibc
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: network
          Assignee: unassigned at sourceware dot org
          Reporter: dilfridge at gentoo dot org
  Target Milestone: ---

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows
context-dependent attackers to cause a denial of service (out-of-bounds read
and crash) via 64 bytes of input.

CVE:
https://nvd.nist.gov/vuln/detail/CVE-2016-6261

libidn upstream fix:
http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d

The patch applies cleanly.

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

Andreas K. Huettel <dilfridge at gentoo dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           See Also|                            |https://bugs.gentoo.org/sho
                   |                            |w_bug.cgi?id=635010

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

--- Comment #1 from Andreas K. Huettel <dilfridge at gentoo dot org> ---

>
> The patch applies cleanly.

(but unfortunately requires unrelated code that is not in glibc)

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com
              Flags|                            |security+

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |DUPLICATE
              Flags|security+                   |security-

--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Already reported as bug 19728.

*** This bug has been marked as a duplicate of bug 19728 ***

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---


*** This bug has been marked as a duplicate of bug 19729 ***

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---


*** This bug has been marked as a duplicate of bug 19728 ***

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug network/22333] out of bounds stack read in libidn (CVE-2016-6261) unpatched in libc

tromey at sourceware dot org
In reply to this post by tromey at sourceware dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=22333

Jeremi <jeremip11 at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeremip11 at gmail dot com

--
You are receiving this mail because:
You are on the CC list for the bug.