[Midnightbsd-cvs] [MidnightBSD/src] ddab4f: A malicious value of size in a structure of packed...
Lucas Holt
noreply at github.com
Sun Sep 22 10:28:31 EDT 2024
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: ddab4ffce9ba63bfd31b7d0668c8d4671bcb60d7
https://github.com/MidnightBSD/src/commit/ddab4ffce9ba63bfd31b7d0668c8d4671bcb60d7
Author: Lucas Holt <luke at foolishgames.com>
Date: 2024-09-22 (Sun, 22 Sep 2024)
Changed paths:
M sys/contrib/libnv/nvlist.c
Log Message:
-----------
A malicious value of size in a structure of packed libnv can cause an integer
overflow, leading to the allocation of a smaller buffer than required for the
parsed data. The introduced check was incorrect, as it took into account the
size of the pointer, not the structure. This vulnerability affects both
kernel and userland.
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list