Bug 736174 – VUL-1: CVE-2009-5029: glibc: timezone integer overflow

Bug 736174 - VUL-1: CVE-2009-5029: glibc: timezone integer overflow


Summary:	VUL-1: CVE-2009-5029: glibc: timezone integer overflow

Status:	VERIFIED DUPLICATE of bug 735850

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Michael Matz
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2011-12-12 09:44 UTC by Matthias Weckbecker
Modified:	2011-12-12 12:43 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Weckbecker 2011-12-12 09:44:13 UTC

There is an integer overflow in the timezone handling in glibc. The __tzfile_read() function parses timezone files and does not validate
user-controllable integers that are later used to allocate memory with 
a call to malloc(),

  http://dividead.wordpress.com/tag/heap-overflow/

And a possible attack vector: 

  http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html

Comment 1 Matthias Weckbecker 2011-12-12 12:43:04 UTC

dupe

*** This bug has been marked as a duplicate of bug 735850 ***