Bug#615120: eglibc: alloca memory corruption

To: submit@bugs.debian.org
Subject: Bug#615120: eglibc: alloca memory corruption
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Fri, 25 Feb 2011 16:22:11 -0500
Message-id: <20110225162211.83a8d13a.michael.s.gilbert@gmail.com>
Reply-to: Michael Gilbert <michael.s.gilbert@gmail.com>, 615120@bugs.debian.org

package: eglibc
version: 2.11.2-10
severity: grave
tag: security

A memory corruption issue has been disclosed for eglibc [0].  I've
checked, and lenny (glibc), squeeze, and sid are affected by the poc.
experimental is not.  According to the report, this permits arbitrary
code execution.

[0] http://seclists.org/fulldisclosure/2011/Feb/635

Reply to:

Follow-Ups:
- Bug#615120: eglibc: alloca memory corruption
  - From: Aurelien Jarno <aurelien@aurel32.net>
- Bug#615120: marked as done (eglibc: alloca memory corruption)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: RFC: use of shlib bump for libc dependency on new multiarch directories?
Next by Date: Bug#615120: eglibc: alloca memory corruption
Previous by thread: r4529 - glibc-package/branches/eglibc-2.13/debian
Next by thread: Bug#615120: eglibc: alloca memory corruption
Index(es):
- Date
- Thread