538814 – (CVE-2015-1472) <sys-libs/glibc-2.20-r2: heap buffer overflow in glibc swscanf (CVE-2015-1472)

Bug 538814 (CVE-2015-1472) - <sys-libs/glibc-2.20-r2: heap buffer overflow in glibc swscanf (CVE-2015-1472)

Summary: <sys-libs/glibc-2.20-r2: heap buffer overflow in glibc swscanf (CVE-2015-1472)

Status:	RESOLVED FIXED

Alias:	CVE-2015-1472

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://sourceware.org/git/gitweb.cgi...
Whiteboard:	A2 [glsa cve]
Keywords:

Duplicates (1):	552694 (view as bug list)
Depends on:	CVE-2014-0475 544034
Blocks:
	Show dependency tree

Reported:	2015-02-04 14:49 UTC by Kristian Fiskerstrand (RETIRED)
Modified:	2016-02-17 15:38 UTC (History)
CC List:	2 users (show)

See Also:	https://sourceware.org/bugzilla/show_bug.cgi?id=16618 https://bugzilla.redhat.com/show_bug.cgi?id=1188235
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kristian Fiskerstrand (RETIRED) gentoo-dev

2015-02-04 14:49:02 UTC

From $URL:
Greetings,

https://sourceware.org/bugzilla/show_bug.cgi?id=16618
is almost 1 year old, and still not fixed in glibc trunk.

I have verified that the test case from it fails with libc6
2.19-0ubuntu6.5 and current trunk glibc.

Don't know if it's exploitable, but it seems like it could easily be.

(I'll see if I can fix it in the mean time.)

- --
RedHat bug at https://bugzilla.redhat.com/show_bug.cgi?id=1188235

Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev

2015-02-06 22:45:54 UTC

From upstream bug: Fixed in 2.21.

Comment 2 Yury German Gentoo Infrastructure

2015-02-15 23:55:55 UTC

2.21 is not available for stabilization yet as far as I see. Setting it back to ebuild until it is ready.

Comment 3 SpanKY gentoo-dev

2015-02-17 08:09:15 UTC

fix is also in glibc-2.20-r2 now

Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev

2015-02-17 08:54:26 UTC

(In reply to SpanKY from comment #3)
> fix is also in glibc-2.20-r2 now

Thanks

Comment 5 SpanKY gentoo-dev

2015-07-21 03:15:34 UTC

*** Bug 552694 has been marked as a duplicate of this bug. ***

Comment 6 GLSAMaker/CVETool Bot gentoo-dev

2016-02-17 15:38:28 UTC

This issue was resolved and addressed in
 GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02
by GLSA coordinator Tobias Heinlein (keytoaster).