Arch Linux Security Advisory ASA-201503-26 ========================================== Severity: Critical Date : 2015-03-31 CVE-ID : CVE-2015-1817 Package : musl Type : arbitrary code execution Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package musl before version 1.1.8-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 1.1.8-1. # pacman -Syu "musl>=1.1.8-1" The problem has been fixed upstream in version 1.1.8. Workaround ========== None. Description =========== A stack-based buffer overflow has been found in musl libc's ipv6 address literal parsing code. Programs which call the inet_pton or getaddrinfo function with AF_INET6 or AF_UNSPEC and untrusted address strings are affected. Successful exploitation yields control of the return address. Having enabled stack protector at the application level does not mitigate the issue. Impact ====== An attacker can execute arbitrary code by submitting a carefully crafted IPv6 address to a program linked with musl calling inet_pton() or getaddrinfo() with AF_INET6 or AF_UNSPEC. References ========== http://www.openwall.com/lists/musl/2015/03/30/1 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1817