[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Readline vulnerability report and CVE request for readline vulnerability

From: minipython
Subject: Readline vulnerability report and CVE request for readline vulnerability
Date: Tue, 11 Apr 2023 18:58:14 +0800

Dear bug-readline@gnu.org,

I would like to report some security vulnerabilities that I discovered in Readline and request CVE identifiers. The details of the vulnerabilities are as follows:

Readline version: 8.2
Machine and OS: Ubuntu 20.04.1 x86-64
Compilation flags: "./configure CC=/root/fuzzers/AFLplusplus/afl-clang-fast CXX=/root/fuzzers/AFLplusplus/afl-clang-fast++" with ASan and UBSan instrumentation.
I have uploaded the ASAN information and the vulnerability type, containing 13 vulnerabilities, as attachments to this email.

To reproduce the bug reliably, I made the following modifications:

First, I changed the sprintf function in the fileman code in the examples directory to snprintf (snprintf(syscom, 1024, "ls -FClg %s", arg)) to prevent issues with the fileman code itself.
Then, I tested fileman because it uses many readline functions. I have attached the modified fileman.c code in the attachments.
Finally, I compiled readline and fileman with ASan instrumentation and ran fileman < bug to successfully reproduce the issue. The bugs are also attached.
I apologize that I am not able to provide a proposed fix at this time.

Thank you for your attention to this matter. Please let me know if you require any further information.



Attachment: bug.pdf
Description: Binary data

Attachment: fileman.c
Description: Binary data

Attachment: unique_crashes.tar.gz
Description: Binary data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]