lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <a40d1cb0-f4c6-436b-b693-b08904cf7b2b@oracle.com>
Date: Fri, 26 Jan 2024 09:46:52 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: Meng Ruijie <ruijie_meng@...us.edu>,
 "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Cc: "X.Org Security Team" <xorg-security@...ts.x.org>
Subject: Re: [FD] Null pointer dereference in Xedit

On 1/19/24 19:48, Meng Ruijie wrote:
> [Vulnerability description]
> A NULL pointer dereference in the component /X11/xedit/lisp of Xedit v1.2.3 allows attackers to cause a Denial of Service (DoS) via a crafted lisp.lsp file.
> 
> [VulnerabilityType Other]
> null pointer deference
> 
> [Vendor of Product]
> Xedit
> 
> [Affected Product Code Base]
> Xedit - 1.2.3
> 
> [Reference]
> https://gitlab.freedesktop.org/xorg/app/xedit/-/issues/1
> 
> [CVE Reference]
> The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2023-45916 to this vulnerability.

I will be asking that this CVE be withdrawn on behalf of the X.Org security team.

While it is a low-priority bug, we did not see any security exposure
when this bug was first brought to our attention because there is no
way for an attacker to change the contents of the lisp.lsp file or to
cause a *.lsp file to be loaded for another user.

The bug report states "replace /usr/local/lib/X11/xedit/lisp/lisp.lsp with
the attached version,"  and if you can do that, you can just replace the
xedit binary with a version containing whatever code you want.

Please do not waste everyone's time requesting CVE's for other people's projects
without their knowledge or consent.

-- 
      -Alan Coopersmith-              alan.coopersmith@...cle.com
        X.Org Security Response Team - xorg-security@...ts.x.org

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ