Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2016-5824: use-after-free issues #286

rhertzog opened this issue Jan 20, 2017 · 2 comments


None yet
2 participants
Copy link

commented Jan 20, 2017

@brandonprry has been fuzzing libical last year and found some issues, he reported them first in #235 but closed the ticket when he opened the same ticket against thunderbird in the hope to get more answers: Also lacking any positive answer there, he published all his fuzzing results here:

At this point it's not clear whether those issues have been fixed in libical and if they have, it would be nice to know which commit fixed them. This is the point of this ticket.

A CVE number has been assigned to those issues: (CVE assignment here:


This comment has been minimized.

Copy link

commented Jan 27, 2017

Apparently #251 might be related.


This comment has been minimized.

Copy link

commented Jan 27, 2017

right. I had individual issues already assigned for those CVEs. all of them are fixed now except for #253 which we don't know what to do about.

@winterz winterz closed this Jan 27, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.