Arch Linux Security Advisory ASA-201602-7 ========================================== Severity: Low Date : 2016-02-04 CVE-ID : CVE-2016-2090 Package : libbsd Type : denial of service Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package libbsd before version 0.8.2-1 is vulnerable to denial of service due to a buffer overflow in the "fgetwln"-function. Resolution ========== Upgrade to 0.8.2-1. # pacman -Syu "libbsd>=0.8.2-1" The problem has been fixed upstream in version 0.8.2. Workaround ========== None. Description =========== - CVE-2016-2090 (buffer overflow) libbsd 0.8.1 and earlier contains a buffer overflow in the function fgetwln(). An "if" checks if it is necessary to reallocate memory in the target buffer. However this check is off by one, therefore an out of bounds write happens. Impact ====== A local attacker might be able to crash the application. References ========== https://access.redhat.com/security/cve/CVE-2016-2090 https://bugs.freedesktop.org/show_bug.cgi?id=93881 http://article.gmane.org/gmane.comp.security.oss.general/18715 https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function...