[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27429: Stack clash (CVE-2017-1000366 etc)
From: |
Leo Famulari |
Subject: |
bug#27429: Stack clash (CVE-2017-1000366 etc) |
Date: |
Mon, 19 Jun 2017 19:05:10 -0400 |
User-agent: |
Mutt/1.8.3 (2017-05-23) |
I'm currently testing the patch for CVE-2017-1000369 in Exim:
https://git.exim.org/exim.git/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
"To reach the start of the stack with the end of the heap (man brk), we
permanently leak memory through multiple -p command-line arguments that
are malloc()ated by Exim but never free()d (CVE-2017-1000369) -- we call
such a malloc()ated chunk of heap memory a "memleak-chunk"."
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
signature.asc
Description: PGP signature
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc),
Leo Famulari <=
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/22