http://bugzilla.opensuse.org/show_bug.cgi?id=1022917 Bug ID: 1022917 Summary: VUL-1: libevent: DNS remote stack overread vulnerability Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Ref: http://seclists.org/oss-sec/2017/q1/250 ============================================== Libevent 2.1.6 fixed three bugs that may have security implications. 1) libevent dns remote stack overread vulnerability ------ the name_parse() function in libevent's DNS code is vulnerable to a buffer overread. 971 if (cp != name_out) { 972 if (cp + 1 >= end) return -1; 973 *cp++ = '.'; 974 } 975 if (cp + label_len >= end) return -1; 976 memcpy(cp, packet + j, label_len); 977 cp += label_len; 978 j += label_len; No check is made against length before the memcpy occurs. [...] azat closed this in 96f64a0 on Feb 1, 2016 ------ https://github.com/libevent/libevent/issues/317 ============================================== (open-)SUSE: https://software.opensuse.org/package/libevent : TW: 2.0.22 42.(1|2): 2.0.21 SLE12-SP2 seems not shipping libevent. -- You are receiving this mail because: You are on the CC list for the bug.