⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.184
Server IP:
65.21.180.239
Server:
Linux gowhm.eplangoweb.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
8.0.30
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
src
/
glibc
/
debian
/
patches
/
View File Name :
CVE-2024-33599.patch
From 87801a8fd06db1d654eea3e4f7626ff476a9bdaa Mon Sep 17 00:00:00 2001 From: Florian Weimer <fweimer@redhat.com> Date: Thu, 25 Apr 2024 15:00:45 +0200 Subject: [PATCH] CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) Using alloca matches what other caches do. The request length is bounded by MAXKEYLEN. Reviewed-by: Carlos O'Donell <carlos@redhat.com> --- nscd/netgroupcache.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- glibc-2.31.orig/nscd/netgroupcache.c +++ glibc-2.31/nscd/netgroupcache.c @@ -503,12 +503,13 @@ addinnetgrX (struct database_dyn *db, in = (struct indataset *) mempool_alloc (db, sizeof (*dataset) + req->key_len, 1); - struct indataset dataset_mem; bool cacheable = true; if (__glibc_unlikely (dataset == NULL)) { cacheable = false; - dataset = &dataset_mem; + /* The alloca is safe because nscd_run_worker verfies that + key_len is not larger than MAXKEYLEN. */ + dataset = alloca (sizeof (*dataset) + req->key_len); } datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,