Bug 1157341 - konversation: out-of-bounds read flaw
Summary: konversation: out-of-bounds read flaw
Keywords:
Status: CLOSED DUPLICATE of bug 1156418
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1157342 1157343
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-27 04:27 UTC by Murray McAllister
Modified: 2019-09-29 13:23 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2014-10-27 04:44:10 UTC
Embargoed:

Attachments (Terms of Use)
patch from upstream (1.59 KB, patch)
2014-10-27 04:28 UTC, Murray McAllister 		no flags Details | Diff
View All

Description Murray McAllister 2014-10-27 04:27:12 UTC 
An out-of-bounds read flaw was reported that affects Quassel (bug 1156418) and Konversation. A remote attacker could possibly use this flaw to cause Konversation to crash. This flaw could also leak memory.

References:

http://seclists.org/oss-sec/2014/q4/431
https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138
https://bugs.kde.org/show_bug.cgi?id=210792
Comment 1 Murray McAllister 2014-10-27 04:28:16 UTC 
Created attachment 950882 [details]
patch from upstream
Comment 2 Murray McAllister 2014-10-27 04:29:04 UTC 
Created konversation tracking bugs for this issue:

Affects: fedora-all [bug 1157342]
Affects: epel-all [bug 1157343]
Comment 3 Murray McAllister 2014-10-27 04:43:09 UTC 
MITRE assigned CVE-2014-8483 to these issues:

http://seclists.org/oss-sec/2014/q4/448

As the same CVE cannot alias more than one bug, I'm going to close this top level one and mark it a duplicate of bug 1156418
Comment 4 Murray McAllister 2014-10-27 04:44:10 UTC 

*** This bug has been marked as a duplicate of bug 1156418 ***
Note You need to log in before you can comment on or make changes to this bug.