[OE-core] [PATCH 2/2] glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow

Haris Okanovic haris.okanovic at ni.com
Fri May 8 15:50:03 UTC 2015


On 05/07/2015 06:19 PM, Haris Okanovic wrote:
> Backport Arjun Shankar's patch for CVE-2015-1781:
>
> A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
> other related functions computed the size of a buffer when passed a
> misaligned buffer as input. An attacker able to make an application call
> any of these functions with a misaligned buffer could use this flaw to
> crash the application or, potentially, execute arbitrary code with the
> permissions of the user running the application.
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=18287
>
> Signed-off-by: Haris Okanovic <haris.okanovic at ni.com>
> Signed-off-by: Ken Sharp <ken.sharp at ni.com>
> Reviewed-by: Rich Tollerton <rich.tollerton at ni.com>
> ---

Note that this patch is to apply to the Dizzy branch of 
openembedded-core (glibc 2.20). It might cleanly apply to other branches 
also using glibc 2.20, but I've only tested with Dizzy.

CVE-2015-1781 is fixed in glibc 2.22 and later.

Thanks,
Haris
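
The size-accounting mistake described in the commit message above, as a simplified added example (not glibc's code and not part of the original message). `struct record_hdr`, the function names and the sample buffer are hypothetical; the example compares a length calculation that ignores alignment padding with one that subtracts the padding first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical fixed header stored at the start of a caller-supplied buffer. */
struct record_hdr { char *aliases[4]; unsigned char addr[16]; };
#define HDR_ALIGN _Alignof(struct record_hdr)

/* Constructed sample storage; storage + 1 is a deliberately misaligned buffer. */
static _Alignas(struct record_hdr) char storage[256];

/* Bytes skipped to round p up to HDR_ALIGN (a power of two). */
static size_t pad_for(const char *p) { return (size_t)(-(uintptr_t)p % HDR_ALIGN); }

/* Flawed: the pointer is advanced by pad, but the length is not reduced,
   so the reported tail is pad bytes longer than what remains. */
static long tail_len_flawed(const char *buf, size_t buflen)
{
    size_t pad = pad_for(buf);
    if (buflen < sizeof(struct record_hdr) + pad) return -1;
    return (long)(buflen - sizeof(struct record_hdr));
}

/* Corrected: subtract the padding from the length before any other use. */
static long tail_len_fixed(const char *buf, size_t buflen)
{
    size_t pad = pad_for(buf);
    buflen = buflen > pad ? buflen - pad : 0;
    if (buflen < sizeof(struct record_hdr)) return -1;
    return (long)(buflen - sizeof(struct record_hdr));
}

/* Bytes beyond the caller's buffer that a writer trusting tail_len could reach. */
static long overrun(const char *buf, size_t buflen, long tail_len)
{
    return (long)(pad_for(buf) + sizeof(struct record_hdr)) + tail_len - (long)buflen;
}

int main(void)
{
    const char *mis = storage + 1;
    printf("flawed overrun: %ld, fixed overrun: %ld\n",
           overrun(mis, 200, tail_len_flawed(mis, 200)),
           overrun(mis, 200, tail_len_fixed(mis, 200)));
    return 0;
}
```

With an aligned buffer both calculations agree, which is why the difference only shows up when the caller passes a misaligned pointer.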


