[arch-security] [ASA-201501-4] libevent: heap overflow
Remi Gacogne
rgacogne at archlinux.org
Tue Jan 13 09:27:35 UTC 2015
Arch Linux Security Advisory ASA-201501-4
=========================================
Severity: Medium
Date : 2015-01-13
CVE-ID : CVE-2014-6272
Package : libevent
Type : heap overflow
Remote : No
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package libevent before version 2.0.22-1 is vulnerable to a
potential heap overflow.
Resolution
==========
Upgrade to 2.0.22-1.
# pacman -Syu "libevent>=2.0.22-1"
The problem has been fixed upstream in version 2.0.22.
Workaround
==========
The potential heap overflow can be prevented by not using
evbuffer_add(), evbuffer_prepend(), evbuffer_expand(),
exbuffer_reserve_space(), or evbuffer_read() in a way leading to the use
of a buffer chunk larger than a single size_t.
Description
===========
A defect in the libevent evbuffer API could possibly leave some programs
that use the evbuffer API open to potential heap overflows. A program
using the evbuffer_add(), evbuffer_prepend(), evbuffer_expand(),
exbuffer_reserve_space(), or evbuffer_read() functions may be vulnerable
if an attacker is able to coax the linked program into trying to make a
buffer larger than that which would fit into a single size_t.
Impact
======
An attacker may be able to execute arbitrary code in a program using a
vulnerable version of libevent. Upstream has attempted to identify any
programs using libevent in a vulnerable way and has not as of yet found
any that do but, as a precaution, recommends upgrading.
References
==========
http://archives.seul.org/libevent/users/Jan-2015/msg00010.html
https://bugs.archlinux.org/task/43366
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6272
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20150113/35ce1380/attachment.asc>
More information about the arch-security
mailing list