diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/NEWS b/NEWS index 50a5e9f1c1..4c50500e95 100644 --- a/NEWS +++ b/NEWS @@ -34,12 +34,20 @@ The following bugs are resolved with this release: [24024] strerror() might set errno to ENOMEM due to -fno-math-error [24027] malloc: Integer overflow in realloc [24034] tst-cancel21-static fails with SIGBUS on pre-ARMv7 when using GCC 8 + [24097] Can't use 64-bit register for size_t in assembly codes for x32 (CVE-2019-6488) Security related changes: CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido Vranken. + + CVE-2019-6488: On x32, the size_t parameter may be passed in the lower + 32 bits of a 64-bit register with with non-zero upper 32 bit. When it + happened, accessing the 32-bit size_t value as the full 64-bit register + in the assembly string/memory functions would cause a buffer overflow. + Reported by H.J. Lu. + Version 2.28 |