FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libevent -- integer overflow in evbuffers

Affected packages
libevent < 1.4.15
2.0 <= libevent < 2.0.22
libevent2 < 2.0.22

Details

VuXML ID daa8a49b-99b9-11e4-8f66-3085a9a4510d
Discovery 2015-01-05
Entry 2015-01-11
Modified 2017-02-20

Debian Security Team reports:

Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t.

References

CVE Name CVE-2014-6272
URL https://www.debian.org/security/2015/dsa-3119