Bug 1197798 (CVE-2015-8985) - CVE-2015-8985 glibc: potential denial of service in pop_fail_stack()
Summary: CVE-2015-8985 glibc: potential denial of service in pop_fail_stack()
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-8985
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1197799
Blocks: 1187112 1197800
TreeView+ depends on / blocked
 
Reported: 2015-03-02 16:01 UTC by Vasyl Kaigorodov
Modified: 2019-09-29 13:29 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-24 08:28:06 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Sourceware 18032 0 P2 RESOLVED buffer overflow (read past end of buffer) in internal_fnmatch (CVE-2015-8984) 2020-08-11 06:39:45 UTC

Description Vasyl Kaigorodov 2015-03-02 16:01:18 UTC 
A crash was reported [1] during glibc extended regular expression processing.
No known patch exists at the time of writing.

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392
Comment 1 Vasyl Kaigorodov 2015-03-02 16:01:40 UTC 
Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1197799]
Comment 2 Huzaifa S. Sidhpurwala 2015-09-08 07:24:38 UTC 
CVE request via:

http://openwall.com/lists/oss-security/2015/09/08/2
Comment 3 Carlos O'Donell 2015-11-04 20:50:53 UTC 
This is still present in glibc upstream as of 2015-11-04.
Comment 4 Andrej Nemec 2017-02-15 09:09:33 UTC 
CVE assignment:

http://seclists.org/oss-sec/2017/q1/437
Note You need to log in before you can comment on or make changes to this bug.