-
Recent Posts
- binutils: invalid memory read in find_abstract_instance_name (dwarf2.c)
- binutils: NULL pointer dereference in concat_filename (dwarf2.c) (INCOMPLETE FIX FOR CVE-2017-15023)
- binutils: heap-based buffer overflow in parse_die (dwarf1.c)
- binutils: NULL pointer dereference in bfd_hash_hash (hash.c)
- binutils: NULL pointer dereference in concat_filename (dwarf2.c)
Recent Comments
- Håvard Eidnes on lame: stack-based buffer overflow in III_dequantize_sample (layer3.c)
- CVE-2017-15020 – 安百科技 on binutils: heap-based buffer overflow in parse_die (dwarf1.c)
- CVE-2017-15022 – 安百科技 on binutils: NULL pointer dereference in bfd_hash_hash (hash.c)
- CVE-2017-14939 – 安百科技 on binutils: heap-based buffer overflow in read_1_byte (dwarf2.c)
- CVE-2017-14729 – 安百科技 on binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)
Archives
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Monthly Archives: February 2016
portage-utils: stack-based buffer overflow in qfile.c
Description: Portage-utils is small and fast portage helper tools written in C. I discovered that a crafted file is able to cause a stack-based buffer overflow. The complete ASan output: ~ # qfile -f qfile-OOB-crash.log ================================================================= ==12240==ERROR: AddressSanitizer: stack-buffer-overflow on … Continue reading
Posted in advisories, gentoo, security
3 Comments
portage-utils: heap-based buffer overflow in qlop.c
Description: Portage-utils is small and fast portage helper tools written in C. I discovered that a crafted file is able to cause an heap-based buffer overflow. The complete ASan output: ~ # qlop -f $CRAFTED_FILE -s Mon Jan 25 11:38:31 … Continue reading
Posted in advisories, security
Leave a comment