DSA-3119-1 libevent -- libeventID: oval:org.secpod.oval:def:601900 | Date: (C)2015-01-08 (M)2023-06-16 |
Class: PATCH | Family: unix |
Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t.