projects / glibc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cdad72a) | patch
CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
authorFlorian Weimer <fweimer@redhat.com>
Thu, 25 Apr 2024 13:00:45 +0000 (15:00 +0200)
committerAdrian Bunk <bunk@debian.org>
Sat, 29 Jun 2024 10:27:34 +0000 (13:27 +0300)
commit7ae50e61a902d0e4a9ddcdb025712d2852e581d1
treefdd4d5aae02283f85bbd1f5a4e8b1e2921371d9ftree | snapshot
parentcdad72a5508ef640cadd4ffafc1c620a8756a4dacommit | diff
CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)

Using alloca matches what other caches do.  The request length is
bounded by MAXKEYLEN.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Gbp-Pq: Topic all
Gbp-Pq: Name git-0001-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch
nscd/netgroupcache.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.