[Bug 849693] CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary

bugzilla Fri, 16 Nov 2012 00:16:42 -0800

Product: Security Response
https://bugzilla.redhat.com/show_bug.cgi?id=849693


Jan Kratochvil <jan.kratoch...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |needinfo?(jlieskov@redhat.c
                   |                            |om)

--- Comment #31 from Jan Kratochvil <jan.kratoch...@redhat.com> ---
Jan,
is this bug therefore an "arbitrary code execution" exploitable or not?

IMO it is not, therefore it is a normal uninteresting crasher bug which has
been fixed upstream now and which is IMO not even worth a backport.  There are
many such uninteresting invalid-input crasher bugs in GNU toolchain (see
Comment 2).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
mingw mailing list
mingw@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/mingw

[Bug 849693] CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary

Reply via email to