1300299 – (CVE-2015-8776) CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data to strftime()

Bug 1300299 (CVE-2015-8776) - CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data to strftime()

Summary: CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data t...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2015-8776
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1300300 1358011 1374658
Blocks:	1300316 1386080 1415638
TreeView+	depends on / blocked

Reported:	2016-01-20 12:42 UTC by Adam Mariš
Modified:	2021-02-17 04:29 UTC (History)
CC List:	21 users (show)
Fixed In Version:	glibc 2.23
Clone Of:
Environment:
Last Closed:	2019-06-08 02:47:32 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2017:0680	normal	SHIPPED_LIVE	Moderate: glibc security and bug fix update	2017-03-21 12:36:34 UTC
Red Hat Product Errata	RHSA-2017:1916	normal	SHIPPED_LIVE	Moderate: glibc security, bug fix, and enhancement update	2017-08-01 18:05:43 UTC
Sourceware	18985	None	None	None	2019-04-10 13:04:47 UTC

Description Adam Mariš 2016-01-20 12:42:55 UTC

It was found that out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information.

Upstream bug:

https://sourceware.org/bugzilla/show_bug.cgi?id=18985

CVE assignment:

http://seclists.org/oss-sec/2016/q1/153

Comment 1 Adam Mariš 2016-01-20 12:45:19 UTC

Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1300300]

Comment 2 Huzaifa S. Sidhpurwala 2016-01-21 07:52:30 UTC

Upstream commit at:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d36c75fc0d44deec29635dd239b0fbd206ca49b7

Comment 3 Huzaifa S. Sidhpurwala 2016-01-22 06:14:04 UTC

Public reproducer available at:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blob_plain;f=time/tst-strftime.c;h=af3ff72faf9588126fb269b0e9080357c32b5fcb;hb=d36c75fc0d44deec29635dd239b0fbd206ca49b7

Comment 6 Martin Prpič 2016-07-07 07:56:39 UTC

Mitigation:

Check time values before they are passed to strftime, or call strftime only with struct tm values computed by gmtime or localtime.

Comment 8 errata-xmlrpc 2017-03-21 10:35:11 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2017:0680 https://rhn.redhat.com/errata/RHSA-2017-0680.html

Comment 10 errata-xmlrpc 2017-08-01 18:12:47 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2017:1916 https://access.redhat.com/errata/RHSA-2017:1916

Note You need to log in before you can comment on or make changes to this bug.

aavati
arjun.is
ashankar
codonell
fweimer
jakub
jwalter
law
mfabian
mnewsome
nlevinki
pfrankli
rfortier
rhs-bugs
sardella
sgirijan
siddhesh
slawomir
ssaha
vbellur
yozone