
Bug 538814 (CVE-2015-1472)

Summary: <sys-libs/glibc-2.20-r2: heap buffer overflow in glibc swscanf (CVE-2015-1472)
Product: Gentoo Security Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: glsamaker, toolchain
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
See Also: https://sourceware.org/bugzilla/show_bug.cgi?id=16618
https://bugzilla.redhat.com/show_bug.cgi?id=1188235
Whiteboard: A2 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 516884, 544034    
Bug Blocks:    

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-02-04 14:49:02 UTC
From $URL:
Greetings,

https://sourceware.org/bugzilla/show_bug.cgi?id=16618
is almost 1 year old, and still not fixed in glibc trunk.

I have verified that the test case from it fails with libc6
2.19-0ubuntu6.5 and current trunk glibc.

Don't know if it's exploitable, but it seems like it could easily be.

(I'll see if I can fix it in the mean time.)

- --
RedHat bug at https://bugzilla.redhat.com/show_bug.cgi?id=1188235
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-02-06 22:45:54 UTC
From upstream bug: Fixed in 2.21.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-02-15 23:55:55 UTC
2.21 is not available for stabilization yet as far as I see. Setting it back to ebuild until it is ready.
Comment 3 SpanKY gentoo-dev 2015-02-17 08:09:15 UTC
fix is also in glibc-2.20-r2 now
Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-02-17 08:54:26 UTC
(In reply to SpanKY from comment #3)
> fix is also in glibc-2.20-r2 now

Thanks
Comment 5 SpanKY gentoo-dev 2015-07-21 03:15:34 UTC
*** Bug 552694 has been marked as a duplicate of this bug. ***
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2016-02-17 15:38:28 UTC
This issue was resolved and addressed in
 GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02
by GLSA coordinator Tobias Heinlein (keytoaster).