Red Hat Bugzilla – Bug 1256797
CVE-2015-6525 libevent: multiple integer overflows in the evbuffer APIs
Last modified: 2015-12-02 02:51:38 EST
Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the:
(4) exbuffer_reserve_space, or
(5) evbuffer_read function,
which triggers a heap-based buffer overflow or an infinite loop.
NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions.
Created libevent tracking bugs for this issue:
Affects: fedora-all [bug 1256804]
These issue were already investigated as part of CVE-2014-6272 (see bug 1144646), from which this CVE was split out. There is no new issue under this new CVE, only some issues that were originally tracked under CVE-2014-6272 now have a separate id. This CVE-2015-6525 only covers issues in APIs only available in libevent 2.0 and later.