CVE-2016-4429 vulnerability

CVE-2016-4429 vulnerability

siva gopi raju kudeti
Hi uClibc team,

I am using uClibc-0.9.33.2.tar.bz2 in my product. Here I want to know that
uClibc is CVE-2016-4429 vulnerable or not.

CVE-2016-4429 is a stack overflow vulnerability. So, I have seen some code
snippet which affects the stack overflow in the
function clntudp_call in the file clnt_udp.c. But I don't know how to test
it, for actually affecting the stack.

Can you please provide me with the test process or give me the results if
it is vulnerable to the CVE-2016-4429 if you have done testing already.

I will wait for your reply.

Regards,
Gopi.
_______________________________________________
uClibc mailing list
[hidden email]
http://lists.busybox.net/mailman/listinfo/uclibc

Re: CVE-2016-4429 vulnerability

Waldemar Brodkorb
Hi Gopi,
siva gopi raju kudeti wrote,

> Hi uClibc team,
>
> I am using uClibc-0.9.33.2.tar.bz2 in my product. Here I want to know that
> uClibc is CVE-2016-4429 vulnerable or not.
>
> CVE-2016-4429 is a stack overflow vulnerability. So, I have seen some code
> snippet which affects the stack overflow in the
> function clntudp_call in the file clnt_udp.c. But I don't know how to test
> it, for actually affecting the stack.
>
> Can you please provide me with the test process or give me the results if
> it is vulnerable to the CVE-2016-4429 if you have done testing already.
>
> I will wait for your reply.

I do not think the uClibc project is active anymore.
I have added the GNU libc patch to uClibc-ng:
http://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=9213ad631513d0e67d9d31465c9cdb3f3dde0399

It will be in the next release. You should better switch to
uClibc-ng with your product.

best regards
 Waldemar

Re: CVE-2016-4429 vulnerability

siva gopi raju kudeti
Hi Waldemar,

Thanks for the immediate reply.

The patch you gave looks good. I will make out this patch.

After that, testing with the IPERF or PING is fine or any other way is
there to test.

Can you please suggest me to do that.


Regards,
Gopi.

On 6 August 2016 at 01:19, Waldemar Brodkorb <[hidden email]> wrote:

> Hi Gopi,
> siva gopi raju kudeti wrote,
>
> > Hi uClibc team,
> >
> > I am using uClibc-0.9.33.2.tar.bz2 in my product. Here I want to know that
> > uClibc is CVE-2016-4429 vulnerable or not.
> >
> > CVE-2016-4429 is a stack overflow vulnerability. So, I have seen some code
> > snippet which affects the stack overflow in the
> > function clntudp_call in the file clnt_udp.c. But I don't know how to test
> > it, for actually affecting the stack.
> >
> > Can you please provide me with the test process or give me the results if
> > it is vulnerable to the CVE-2016-4429 if you have done testing already.
> >
> > I will wait for your reply.
>
> I do not think the uClibc project is active anymore.
> I have added the GNU libc patch to uClibc-ng:
> http://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=9213ad631513d0e67d9d31465c9cdb3f3dde0399
>
> It will be in the next release. You should better switch to
> uClibc-ng with your product.
>
> best regards
>  Waldemar
>

Re: CVE-2016-4429 vulnerability

Waldemar Brodkorb
Hi,
siva gopi raju kudeti wrote,

> Hi Waldemar,
>
> Thanks for the immediate reply.
>
> The patch you gave looks good. I will make out this patch.
>
> After that, testing with the IPERF or PING is fine or any other way is
> there to test.
>
> Can you please suggest me to do that.

Not sure how to test it. Maybe there is some information about it
in the CVE. As it is in the RPC code, I suggest using some RPC
services like NFSv3.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4429

I am not sure if any exploit exists, which you could use that
the buffer overflow is fixed.

best regards
 Waldemar