oss-sec mailing list archives

Re: CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)


From: Florian Weimer <fweimer () redhat com>
Date: Mon, 10 Sep 2012 18:12:18 +0200

On 09/07/2012 07:21 PM, Kurt Seifried wrote:

>> 2) Issue #2 (mentioned here only for completeness, but I am not of
>> the opinion this should receive a CVE identifier. See argumentation
>> below [but open to glibc upstream / others to disprove it]).
>
> I will hold off on issuing a CVE for this then. Anyone want to weigh in?

It looks as if the alloca issue was introduced at the same time as the malloc-related overflow:

http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5358d026c74

So perhaps one CVE is enough for glibc bugs 14552 and 14547 because the problems are similar and affect the same versions.

--
Florian Weimer / Red Hat Product Security Team

