oss-sec mailing list archives
Re: CVE Request: icu out of bounds access
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 09 Dec 2011 09:13:00 -0700
On 12/09/2011 01:31 AM, Ludwig Nussel wrote:
> Hi,
>
> An out of bounds access was reported in icu:
> http://bugs.icu-project.org/trac/ticket/8984
>
> Unfortunately the chrome bug is private but the commit says "buffer
> overflow":
> http://codereview.chromium.org/8822005/patch/6001/7002
>
> I suppose a negative len could end up in the strncpy at the end of
> the function causing a buffer overflow.
>
> cu
> Ludwig

Please use CVE-2011-4599 for this issue.

--
-Kurt Seifried / Red Hat Security Response Team
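The mechanism guessed at in the quoted report (a negative signed length reaching strncpy) is shown below as an added example that is not part of the thread and is not ICU's code. The function names, the buffer size and the inputs are hypothetical and constructed for illustration; the hardened copy validates the signed length before it is converted to size_t.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DST_CAP 16  /* constructed buffer size for the demonstration */

/* strncpy takes a size_t count, so a signed length is converted on the
 * call. This returns the count strncpy would actually receive. */
size_t count_seen_by_strncpy(int len) {
    return (size_t)len;
}

/* Hypothetical length calculation of the kind that can go negative:
 * bytes remaining after skipping a prefix of an input of `total` bytes. */
int remaining_len(int total, int prefix) {
    return total - prefix;
}

/* Hardened copy: validate the signed length before it is converted.
 * Returns the number of bytes copied, or -1 if the length is rejected. */
int copy_checked(char *dst, size_t cap, const char *src, int len) {
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    if (len < 0 || (size_t)len >= cap)  /* negative, or no room for NUL */
        return -1;
    size_t n = 0;
    while (n < (size_t)len && src[n] != '\0') {  /* stop at src's NUL */
        dst[n] = src[n];
        n++;
    }
    dst[n] = '\0';
    return (int)n;
}

int main(void) {
    char dst[DST_CAP];
    int bad = remaining_len(3, 5);  /* constructed: prefix longer than data */
    printf("len=%d becomes count=%zu (buffer holds %d)\n",
           bad, count_seen_by_strncpy(bad), DST_CAP);
    printf("checked copy with len=%d -> %d\n",
           bad, copy_checked(dst, sizeof dst, "abc", bad));
    printf("checked copy with len=3 -> %d (\"%s\")\n",
           copy_checked(dst, sizeof dst, "abc", 3), dst);
    return 0;
}
```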
