oss-sec mailing list archives
Re: Cve issue discussion
From: Glenn Randers-Pehrson <glennrp () gmail com>
Date: Mon, 7 Aug 2017 08:47:35 -0400
It's not causing a crash, just a delay. You'll safely get either an OOM message or an EOF message.and no memory leak. Glenn On Mon, Aug 7, 2017 at 8:37 AM, Marcus Meissner <meissner () suse de> wrote:
Hi, if it could crash the image reader I would consider it "remote denial of service" classed and CVE worthy.
Current thread:
- Cve issue discussion ne xo (Aug 06)
- Re: Cve issue discussion Agostino Sarubbo (Aug 07)
- RE: Cve issue discussion ne xo (Aug 07)
- Re: Cve issue discussion Glenn Randers-Pehrson (Aug 07)
- Re: Cve issue discussion Marcus Meissner (Aug 07)
- Re: Cve issue discussion Glenn Randers-Pehrson (Aug 07)
- Re: Cve issue discussion Bob Friesenhahn (Aug 07)
- Re: Cve issue discussion John Haxby (Aug 07)
- Re: Cve issue discussion Glenn Randers-Pehrson (Aug 07)
- Re: Cve issue discussion Jesse Hertz (Aug 07)
- Re: Cve issue discussion Glenn Randers-Pehrson (Aug 07)
- RE: Cve issue discussion ne xo (Aug 09)
- Re: Cve issue discussion Glenn Randers-Pehrson (Aug 09)
- Re: Cve issue discussion Jesse Hertz (Aug 09)
- RE: Cve issue discussion ne xo (Aug 07)
- Re: Cve issue discussion Agostino Sarubbo (Aug 07)