tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Buffer Copy without Checking Size of Input (CVE-2016-6559)

To: Pierre Pronchery <khorben%defora.org@localhost>
Subject: Re: Buffer Copy without Checking Size of Input (CVE-2016-6559)
From: kuehro%posteo.de@localhost
Date: Wed, 07 Dec 2016 08:59:09 +0100

I just noticed this post:
https://www.kb.cert.org/vuls/id/548487
...
Is someone working on this?


The side-by-side view of yesterdays fix in FreeBSD looks like this:

https://svnweb.freebsd.org/base/head/lib/libc/net/linkaddr.c?r1=288045&r2=309639

and their original version was quite similar to the one in NetBSD.

Kai-Uwe

Follow-Ups:
- Re: Buffer Copy without Checking Size of Input (CVE-2016-6559)
  - From: Paul Goyette

References:
- Buffer Copy without Checking Size of Input (CVE-2016-6559)
  - From: Pierre Pronchery

Prev by Date: Buffer Copy without Checking Size of Input (CVE-2016-6559)
Next by Date: Re: Buffer Copy without Checking Size of Input (CVE-2016-6559)
Previous by Thread: Buffer Copy without Checking Size of Input (CVE-2016-6559)
Next by Thread: Re: Buffer Copy without Checking Size of Input (CVE-2016-6559)
Indexes:

Home | Main Index | Thread Index | Old Index