CVE-2015-6525
Published: 24 August 2015
Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions.
Notes
| Author | Note |
|---|---|
| mdeslaur | CVE was split from CVE-2014-6272, but fixes were already applied in usn-2477-1 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libevent Launchpad, Ubuntu, Debian |
precise |
Released
(2.0.16-stable-1ubuntu0.1)
|
| trusty |
Released
(2.0.21-stable-1ubuntu1.14.04.1)
|
|
| upstream |
Released
(1.4.15-stable, 2.0.22-stable, 2.1.5-beta)
|
|
| vivid |
Not vulnerable
(2.0.21-stable-2)
|
|
|
Patches: upstream: https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf upstream: https://github.com/libevent/libevent/commit/20d6d4458bee5d88bda1511c225c25b2d3198d6c upstream: https://github.com/libevent/libevent/commit/841ecbd96105c84ac2e7c9594aeadbcc6fb38bc4 |
||