]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 69b49e8) | patch
glibc: Fix CVE-2015-8778
authorYuanjie Huang <yuanjie.huang@windriver.com>
Wed, 27 Apr 2016 09:32:55 +0000 (02:32 -0700)
committerRobert Yang <liezhi.yang@windriver.com>
Wed, 11 May 2016 02:59:39 +0000 (19:59 -0700)
commit71b051f51a44dad1fdca7ca6b3552d0aebdc91d3
tree03d3a442d40f4ae32f80a596ea8e662fa21e57b7tree | snapshot
parent69b49e8dc45cf60defba547d93e663df42c92127commit | diff
glibc: Fix CVE-2015-8778

CVE: CVE-2015-8778

Improve check against integer wraparound in hcreate_r [BZ #18240]

This is an integer overflow in hcreate and hcreate_r which can result in
an out-of-bound memory access.  This could lead to application crashes
or, potentially, arbitrary code execution.

Upstream-Status: Backport [2.23]
(cherry-picked from commit bae7c7c74bd228c8)

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
meta/recipes-core/glibc/glibc/CVE-2015-8778.patch [new file with mode: 0644] blob
meta/recipes-core/glibc/glibc_2.22.bb diff | blob | history
Mirror of the official openembedded-core repository