Buffer overflow in pppd/plugins/radius/util.c if PID exceeds 16 bit #86

Closed
cbiedl opened this issue Jun 21, 2017 · 1 comment

cbiedl commented Jun 21, 2017

Hello,

reported in many places but apparently never got upstreamed:

If the PID exceeds 16 bit, the sprintf statement in rc_mksid results in a buffer overflow:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3310
https://bugs.debian.org/782450

Note the patch in Debian is just a workaround and should be % 65536 - obviously the better solution was to enhance the buffer size.

paulusmack (Collaborator) commented

Fixed by 858976b.

jollaitbot pushed a commit to sailfishos/ppp that referenced this issue Apr 17, 2021
wongsyrone added a commit to wongsyrone/lede-1 that referenced this issue May 20, 2022
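
The overflow described in this issue, as an added example that is not part of the thread or of the ppp source: a field width such as `%04X` is a minimum, so a PID above 16 bits prints five or more hex digits and the string outgrows a buffer sized for four. The format string, the 15-byte buffer size, the function names and the sample timestamp are assumptions made for illustration; the two bounded variants mirror the two options named in the report (`% 65536` and a larger buffer).

```c
#include <stdio.h>
#include <string.h>

/* Assumed layout (not taken from the page): 8 hex digits of time,
 * 4 hex digits of PID, 2 hex digits of counter, plus NUL = 15 bytes. */
#define SID_BUF_ASSUMED 15
#define SID_BUF_WIDE    19   /* 8 + 8 + 2 + NUL, room for a 32-bit PID */

/* Bytes (including NUL) an unbounded sprintf of this format would write.
 * snprintf(NULL, 0, ...) only measures; nothing is stored. */
size_t sid_bytes_needed(unsigned long t, unsigned int pid, unsigned int cnt)
{
    int n = snprintf(NULL, 0, "%08lX%04X%02X", t, pid, cnt & 0xFF);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Workaround style: reduce the PID to 16 bits so four digits always fit.
 * Returns 0 on success, -1 if the output would not fit in outlen. */
int sid_masked(char *out, size_t outlen, unsigned long t,
               unsigned int pid, unsigned int cnt)
{
    int n = snprintf(out, outlen, "%08lX%04X%02X",
                     t & 0xFFFFFFFFUL, pid % 65536, cnt & 0xFF);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Larger-buffer style: keep the full PID and size the buffer for it.
 * Truncation is reported instead of writing past the end. */
int sid_wide(char *out, size_t outlen, unsigned long t,
             unsigned int pid, unsigned int cnt)
{
    int n = snprintf(out, outlen, "%08lX%08X%02X",
                     t & 0xFFFFFFFFUL, pid, cnt & 0xFF);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

int main(void)
{
    unsigned long t = 0x5949F2A0UL;            /* constructed sample timestamp */
    char wide[SID_BUF_WIDE];

    printf("pid 0xFFFF  needs %zu bytes (buffer %d)\n",
           sid_bytes_needed(t, 0xFFFF, 1), SID_BUF_ASSUMED);
    printf("pid 0x10000 needs %zu bytes (buffer %d)\n",
           sid_bytes_needed(t, 0x10000, 1), SID_BUF_ASSUMED);
    if (sid_wide(wide, sizeof wide, t, 0x10001, 1) == 0)
        printf("wide id: %s\n", wide);
    return 0;
}
```

With masking, two processes whose PIDs differ by a multiple of 65536 produce the same PID field, which is why the report calls it a workaround.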