PIDL based autogenerated code allows overwriting beyond of allocated array
Bug #979808 reported by
Jelmer Vernooij
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| samba4 (Ubuntu) |
Fix Released
|
Critical
|
Jelmer Vernooij | ||
| Lucid |
Won't Fix
|
High
|
Unassigned | ||
| Natty |
Invalid
|
High
|
Unassigned | ||
| Oneiric |
Invalid
|
High
|
Unassigned | ||
Bug Description
Samba's pidl compiler generates broken code for some DCE/RPC interfaces, which allows arbitrary code execution.
Related branches
CVE References
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in samba4 (Ubuntu): | |
| status: | In Progress → Fix Released |
| no longer affects: | samba4 (Ubuntu Hardy) |
| Changed in samba4 (Ubuntu Lucid): | |
| status: | New → Triaged |
| Changed in samba4 (Ubuntu Natty): | |
| status: | New → Triaged |
| Changed in samba4 (Ubuntu Oneiric): | |
| status: | New → Triaged |
| Changed in samba4 (Ubuntu Lucid): | |
| importance: | Undecided → High |
| Changed in samba4 (Ubuntu Natty): | |
| importance: | Undecided → High |
| Changed in samba4 (Ubuntu Oneiric): | |
| importance: | Undecided → High |
Revision history for this message
| dino99 (9d9) wrote | #2 |
| Changed in samba4 (Ubuntu Oneiric): | |
| status: | Triaged → Invalid |
| Changed in samba4 (Ubuntu Natty): | |
| status: | Triaged → Invalid |
Revision history for this message
| Rolf Leggewie (r0lf) wrote | #3 |
| Changed in samba4 (Ubuntu Lucid): | |
| status: | Triaged → Won't Fix |
To post a comment you must log in.
This bug was fixed in the package samba4 - 4.0.0~alpha18.
---------------
samba4 (4.0.0~
* Add patch cve_2012_
PIDL based autogenerated code allows overwriting beyond of allocated
array. LP: #979808
-- Jelmer Vernooij <email address hidden> Thu, 12 Apr 2012 12:56:10 +0200