oss-sec mailing list archives
Re: Libtorrent http_parser.cpp denial of service
From: cve-assign () mitre org
Date: Sat, 4 Jun 2016 22:16:52 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
I recently opened a bug on libtorrent regarding malformed HTTP or UPnP responses https://github.com/arvidn/libtorrent/issues/780 https://github.com/arvidn/libtorrent/pull/782
A specially crafted HTTP response from a tracker (or potentially a UPnP broadcast) can crash libtorrent in the parse_chunk_header() function. AddressSanitizer: SEGV on unknown address Memcheck, a memory error detector Invalid read of size 1
Use CVE-2016-5301. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXU4siAAoJEHb/MwWLVhi2KbIP/1tVXGYZeEa2sb34OgsgVYiV M8l+7yc+cOfOmPASgA3qo5ANkjX7QHCn1IjZaRM77716b1fM4+PQI49PZHpve9FE 5fhx1Mn+2hQicbOyEbzkRz/p/qU1seUWwFfo/6rHRtgLDGl/A375PkCWL6nVG6sw ufJ57CdKPLPv2/ZL/BEwP2DeYlCAYTd8lHiFeia4VvxG3VEgeYM4kkS9tiHuvcdN SlmfTW/1uWL+Q45wmvlRNq4WZhTWjaNm5VYFIrV1E1iagtC9S2OBvnEwZpwDH1VP rSTW7erlRz8ZThjKf9zwGpFwFMzkYzx0kDhMBkLOIrvorXLiTx+QJAsdNBycryKy LQ8y33OUB+eIHgwaAVoTSAzuWcoC/tjuSNh/JpIyPQtkeKCbBVeosLxmrlLoo9q0 GImRXM4hOAwIgvPfJQrWbbdP3OV8r3xZd09+MVbTuBkIqr0nLP3ljPAEYZQFhZXQ gNETQglchAU8qqLntwO8XjcxeeEncYWoTEnet4fgGfiimXjjQsH/fCM4W27gUPak x/8hROSJB7fkldlddtk4wgc8j9mEk4dfzyRbpc99DNWYE4MJ5HkXMS63hkViqq/A fQ8EaIoa1LOrq+FFjwitrHMCOHEkHnejDAMMqAnEK/X5VXc9t3SsVlcIg4KWmNmP lrec6mVfkk8wKlKpEsNz =BR8M -----END PGP SIGNATURE-----
Current thread:
- Libtorrent http_parser.cpp denial of service Brandon Perry (Jun 04)
- Re: Libtorrent http_parser.cpp denial of service cve-assign (Jun 04)