bug-gnu-pspp

PSPP-BUG: [bug #65545] Several types of security issues that can lead to


From: Geng Zhou
Subject: PSPP-BUG: [bug #65545] Several types of security issues that can lead to pspp crashes
Date: Mon, 1 Apr 2024 04:38:39 -0400 (EDT)

URL:
  <https://savannah.gnu.org/bugs/?65545>

                 Summary: Several types of security issues that can lead to pspp crashes
                   Group: PSPP
               Submitter: arbus
               Submitted: Mon 01 Apr 2024 08:38:39 AM UTC
                Category: None
                Severity: 5 - Average
                  Status: None
             Assigned to: None
             Open/Closed: Open
                 Release: None
         Discussion Lock: Any
                  Effort: 0.00


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Mon 01 Apr 2024 08:38:39 AM UTC By: Geng Zhou <arbus>
Hi, we found several crashes in pspp 2.0.0, which is the latest version.
To assist in diagnosing and resolving these issues, we have attached the POC
files along with the gdb/asan logs. 

Below are the statistics of different types:
assertion failure: 21
use-after-free: 2
segmentation violation: 13
double-free: 1
stack-buffer-overflow: 5
bus on unknown address: 1
total: 43


Environment:

version: GNU pspp 2.0.0

host_system: x86_64-pc-linux-gnu
build_system: x86_64-pc-linux-gnu
compiler version: Ubuntu Clang 12.0.0
Linux 4f6b99b5cf37 6.2.0-35-generic #35~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Oct  6 10:23:26 UTC 2 x86_64 x86_64 x86_64 GNU/Linux


Credit by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory.








    _______________________________________________________
File Attachments:


-------------------------------------------------------
Name: pspp_cmds@logs.zip  Size: 99KiB
<http://savannah.gnu.org/bugs/download.php?file_id=55911>
-------------------------------------------------------
Name: pspp_poc.zip  Size: 68KiB
<http://savannah.gnu.org/bugs/download.php?file_id=55912>
