CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
eglibc	14.10 utopic	Not in release
	14.04 LTS trusty	Fixed 2.19-0ubuntu6.6
	12.04 LTS precise	Fixed 2.15-0ubuntu10.11
	10.04 LTS lucid	Not affected
glibc	14.10 utopic	Fixed 2.19-10ubuntu2.3
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

Notes

tyhicks

Note that the upstream bug #16618 contains the issue of CVE-2015-1472 *and* this CVE

mdeslaur

fixed in same commit as CVE-2015-1472

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
glibc	Upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06

Status

Notes

tyhicks

mdeslaur

Patch details

References

Related Ubuntu Security Notices (USN)

Other references