Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability

To: "submit@bugs.debian.org" <submit@bugs.debian.org>
Subject: Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability
From: "Aeschbacher, Fabrice" <Fabrice.Aeschbacher@siemens.com>
Date: Wed, 23 Dec 2015 12:14:32 +0000
Message-id: <[🔎] 206487599C77A842924C0B4D3875783D1B5D162B@DENBGAT9EI5MSX.ww902.siemens.net>
Reply-to: "Aeschbacher, Fabrice" <Fabrice.Aeschbacher@siemens.com>, 808819@bugs.debian.org

Source: glibc
Version: 2.19-18+deb8u1
Severity: important
Tags: patch security

Dear Maintainer,

GNU C Library (glibc) contains integer overflows in the enlarge_userbuf() and
_IO_wstr_overflow() functions in libio/wstrops.c. These issues are triggered as
user-supplied input is not properly validated. This may allow a context-
dependent attacker to cause a heap-based buffer overflow, resulting in a denial
of service or potentially allowing the execution of arbitrary code.
Versions <= 2.22 are affected.

References:
  https://bugs.gentoo.org/show_bug.cgi?id=541246
  https://bugzilla.redhat.com/show_bug.cgi?id=1195762
  https://sourceware.org/bugzilla/show_bug.cgi?id=17269
  http://seclists.org/oss-sec/2015/q1/646

Patch:
  https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33

Reply to:

Follow-Ups:
- Processed (with 1 error): Re: Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability
  - From: Aurelien Jarno <aurelien@aurel32.net>

Prev by Date: Bug#806911: [Reproducible-builds] Bug#806911: Second build on failures
Next by Date: Processed (with 1 error): Re: Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability
Previous by thread: glibc_2.21-5_amd64.changes ACCEPTED into unstable
Next by thread: Processed (with 1 error): Re: Bug#808819: libio/wstrops.c: arbitrary code execution vulnerability
Index(es):
- Date
- Thread