Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160814105011.GQ3971@scully.more-magic.net>
Date: Sun, 14 Aug 2016 12:50:11 +0200
From: Peter Bex <peter@...e-magic.net>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: CVE request for buffer overrun in CHICKEN process-execute and
 process-spawn posix procedures

Hello all,

I would like to request a CVE for a buffer overrun that
was detected in CHICKEN Scheme's "process-execute" and
"process-spawn" procedures from the posix unit.

CHICKEN preallocated an argument array of ARG_MAX items (or 256 if
that was undefined), and an environment array of ENV_MAX items
(or 1024 if that was undefined), and did not verify that the arguments
or environment lists were less than this size, resulting in a buffer
overrun if these lists were longer.

The full announcement can be found here:
http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html

The bugfix also fixed a memory leak in the same piece of code, which
could potentially be used to cause resource exhaustion/denial of
service situation.  Does this warrant another CVE?

The bug affects all releases of CHICKEN up to and including 4.11.

Cheers,
Peter Bex

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.