Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 333635 (CVE-2010-2947)

Summary: <sys-libs/libhx-3.5: Heap Overflow Vulnerability (CVE-2010-2947)
Product: Gentoo Security Reporter: Tim Sammut (RETIRED) <underling>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: hanno
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx;a=commitdiff;h=904a46f90dd3f046bfac0b64a5e813d7cd4fca59
Whiteboard: B1 [noglsa]
Package list:
Runtime testing required: ---

Description Tim Sammut (RETIRED) gentoo-dev 2010-08-20 15:41:55 UTC 
From $url:

When HX_split is called with a maximum number of desired fields (4th
argument != 0), passing in a string that has less fields than that led
to a buffer overrun (write beyond end of malloc'd area).

CVSS Base Score: 10
- Impact Subscore: 10
- Exploitability Subscore: 10

CVSS Temporal Score: 7.4
CVSS Environmental Score: Undefined

Overall CVSS Score: 7.4

CVSS Base vector:: AV:N/AC:L/Au:N/C:C/I:C/A:C
- AV: libHX may be used by network services
- Au: some services may not require authentication
- A: can cause crash when result is freed

CVSS Temporal vectors:: RL:O/RC:C

Affects all versions prior to, and including, 3.5.
Comment 1 Hanno Böck gentoo-dev 2010-08-20 17:33:42 UTC 
Added 3.5 + patch, archs please go ahead with stabilizing.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-20 17:40:34 UTC 
Reopening.
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-20 17:40:52 UTC 
Arches, please test and mark stable:
=sys-libs/libhx-3.5
Target keywords : "amd64 ppc x86"
Comment 4 Markos Chandras (RETIRED) gentoo-dev 2010-08-21 16:57:04 UTC 
amd64 done
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-08-21 18:49:54 UTC 
x86 stable
Comment 6 Joe Jezak (RETIRED) gentoo-dev 2010-09-12 13:58:56 UTC 
Marked ppc stable.
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2010-09-22 23:11:24 UTC 
Fixing whiteboard and severity based on CVSS vector of:

AV:N/AC:L/Au:N/C:C/I:C/A:C

Thanks for the tip, Craig.
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2010-10-01 04:18:35 UTC 
GLSA request filed.
Comment 9 Matt Turner gentoo-dev 2011-05-14 20:30:29 UTC 
libhx-3.5 is stabilized everywhere it has keywords, and all versions below 3.5 have been dropped. Is there anything else that needs to be done?
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2011-05-14 20:37:03 UTC 
(In reply to comment #9)
> Is there anything else that needs to be done?

Hi, Matt. We need to publish a GLSA for this one (and any other open bugs with [glsa] in the whiteboard). Once that happens, we'll close the bug.
Comment 11 Matt Turner gentoo-dev 2013-10-05 01:15:43 UTC 
Can you go ahead and vote that you're not going to do anything?
Comment 12 Chris Reffett (RETIRED) gentoo-dev Security 2013-10-05 01:25:48 UTC 
Gladly. >3 years old, marking noglsa.