musl libc Remote Stack Buffer Overflow Vulnerability
BID:53144
Info
| Bugtraq ID: | 53144 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2012-2114 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2012 12:00AM |
| Updated: | Sep 05 2012 09:49PM |
| Credit: | Rich Felker |
| Vulnerable: | musl musl 0.8.7 |
| Not Vulnerable: | musl musl 0.8.8 |
Discussion
musl libc is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
An attacker can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.
musl versions prior to 0.8.8 are vulnerable.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
References
References:
- musl Homepage (etalabs)
- stack buffer overflow in vfprintf with long output (Rich Felker)