Ubuntu
mono package

[Mono] Buffer overflow in Mono 1.2.5.1 and earlier

Bug #162826 reported by disabled.user on 2007-11-15

254

Affects		Status	Importance	Assigned to	Milestone
	mono (Ubuntu)	Fix Released	Undecided	Stephan Rügamer
	Dapper	Fix Released	Medium	Kees Cook
	Edgy	Fix Released	Medium	Kees Cook
	Feisty	Fix Released	Medium	Kees Cook
	Gutsy	Fix Released	Medium	Kees Cook

Bug Description

Binary package hint: mono

Description from CVE-2007-5197:
"Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors elated to Reduce in Montgomery-based Pow methods."

CVE References

2007-5197

Revision history for this message

Stephan Rügamer (sruegamer) wrote on 2007-11-21:

#1

Working on it

Changed in mono:
assignee:	nobody → shermann
status:	New → In Progress

Revision history for this message

Stephan Rügamer (sruegamer) wrote on 2007-11-21:

#3

gutsy debdiff to fix this issue Edit (2.5 KiB, text/plain)

Revision history for this message

Stephan Rügamer (sruegamer) wrote on 2007-11-21:

#4

feisty debdiff to fix this issue Edit (2.5 KiB, text/plain)

Revision history for this message

Stephan Rügamer (sruegamer) wrote on 2007-11-21:

#5

dapper debdiff to fix this issue Edit (2.6 KiB, text/plain)

Revision history for this message

Stephan Rügamer (sruegamer) wrote on 2007-11-21:

#6

edgy debdiff to fix this issue Edit (2.6 KiB, text/plain)

Revision history for this message

Kees Cook (kees) wrote on 2007-12-03:

#7

Fixed in Hardy. Thanks for the patches; this should be published shortly for the other releases.

Changed in mono:
status:	In Progress → Fix Released
assignee:	nobody → keescook
importance:	Undecided → Medium
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → Medium
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → Medium
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → Medium
status:	New → Fix Committed

Wouter Stomp (wouterstomp-deactivatedaccount) on 2008-01-30

Changed in mono:
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.