oob write in set_mem_access arch/AArch64/AArch64InstPrinter.c:73 #600

Closed
alvarofe opened this Issue Mar 6, 2016 · 5 comments

Projects

None yet

4 participants

@alvarofe
alvarofe commented Mar 6, 2016

@revskills has been fuzzing r2 and he found an issue in capstone

radare/radare2#4234

@aquynh
Owner
aquynh commented Mar 7, 2016

merged, thanks for the fix!

@aquynh aquynh closed this Mar 7, 2016
@revskills

Mitre has assigned CVE-2016-3160 for this issue

@aquynh
Owner
aquynh commented Mar 16, 2016

this is so cool! any links to this CVE yet?

just to clarify: this bug was in a very new commit to provide explicit register access for ARM64 arch, and it was there only about 2 week until it was detected. in addition, this is only in the "next" branch, which is still under development, so the number of people get affected is minimal.

thanks.

@AriEi4
AriEi4 commented Sep 14, 2016

@revskills Are you sure that Mitre assigned CVE-2016-3160 for this?

According to their website the CVE is still reserved and not in use -
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3160

@revskills

Yes, ask Mitre or someone using their feed.

On Wednesday, 14 September 2016, AriEi4 notifications@github.com wrote:

@revskills https://github.com/revskills Are you sure that Mitre
assigned CVE-2016-3160 for this?

According to their website the CVE is still reserved and not in use -
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3160


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#600 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACV1Tn1-1tMsqwfvc_pGTNt6oyHs1_uXks5qp_KtgaJpZM4HqYyt
.

Francisco Alonso.
http://twitter.com/revskills

PGP: 0xE2E64DCA

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment