1032322 – (CVE-2013-6370) CVE-2013-6370 json-c: buffer overflow if size_t is larger than int

Bug 1032322 (CVE-2013-6370) - CVE-2013-6370 json-c: buffer overflow if size_t is larger than int

Summary: CVE-2013-6370 json-c: buffer overflow if size_t is larger than int

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2013-6370
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1085676 1085677 1085678 1086209 1097036 1097037
Blocks:	1028485 1032325
TreeView+	depends on / blocked

Reported:	2013-11-20 01:01 UTC by Vincent Danen
Modified:	2023-05-12 01:27 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-06-11 05:47:43 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2014:0703	0	normal	SHIPPED_LIVE	Moderate: json-c security update	2014-06-10 16:34:10 UTC

Description Vincent Danen 2013-11-20 01:01:20 UTC

Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures.  These functions need to be changed to using size_t if possible for sizes, or to be hardened against negative values if not.  This could be used to cause a denial of service in an application linked to the json-c library.


Acknowledgements:

This issue was discovered by Florian Weimer of the Red Hat Product Security Team.

Comment 3 Huzaifa S. Sidhpurwala 2014-04-09 06:18:53 UTC

Public via:

https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015

Comment 5 Huzaifa S. Sidhpurwala 2014-04-09 06:22:54 UTC

Created json-c tracking bugs for this issue:

Affects: fedora-all [bug 1085676]
Affects: epel-all [bug 1085677]

Comment 7 Fedora Update System 2014-04-17 06:04:07 UTC

json-c-0.11-6.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2014-04-30 04:07:30 UTC

json-c-0.11-6.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 errata-xmlrpc 2014-06-10 12:35:27 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 7

Via RHSA-2014:0703 https://rhn.redhat.com/errata/RHSA-2014-0703.html

Note You need to log in before you can comment on or make changes to this bug.