oss-sec mailing list archives

Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters

From: Florian Weimer <fweimer () redhat com>
Date: Mon, 19 Aug 2013 11:40:52 +0200

On 08/12/2013 06:28 PM, Kurt Seifried wrote:

Upstream bug report: [1]
http://sourceware.org/bugzilla/show_bug.cgi?id=14699

Latest patch proposal: [2]
http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html

References: [3] https://bugzilla.redhat.com/show_bug.cgi?id=995839

Please use CVE-2013-4237 for this issue.


Thanks.  The upstream commit is:

http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=91ce408

--
Florian Weimer / Red Hat Product Security Team

Current thread:

CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters Jan Lieskovsky (Aug 11)
- Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters Florian Weimer (Aug 11)
- Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters Kurt Seifried (Aug 12)
  - Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters Florian Weimer (Aug 19)