CVE-2014-6272
Published: 6 January 2015
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.
Priority
Status
Package | Release | Status |
---|---|---|
libevent Launchpad, Ubuntu, Debian |
upstream |
Released
(1.4.15,2.0.22)
|
lucid |
Released
(1.4.13-stable-1ubuntu0.1)
|
|
precise |
Released
(2.0.16-stable-1ubuntu0.1)
|
|
trusty |
Released
(2.0.21-stable-1ubuntu1.14.04.1)
|
|
utopic |
Released
(2.0.21-stable-1ubuntu1.14.10.1)
|
|
Patches: upstream: https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf (1.4) upstream: https://github.com/libevent/libevent/commit/20d6d4458bee5d88bda1511c225c25b2d3198d6c (2.0) upstream: https://github.com/libevent/libevent/commit/841ecbd96105c84ac2e7c9594aeadbcc6fb38bc4 (2.1) vendor: https://www.debian.org/security/2015/dsa-3119 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272
- http://archives.seul.org/libevent/users/Jan-2015/msg00011.html
- http://archives.seul.org/libevent/users/Jan-2015/msg00012.html
- http://archives.seul.org/libevent/users/Jan-2015/msg00013.html
- https://ubuntu.com/security/notices/USN-2477-1
- NVD
- Launchpad
- Debian