(In reply to mancha from comment #8) > Hello. I applied Siddhesh's three patches (2 CVE fixes + strcoll > refactoring) and the PoCs no longer trigger overflows. > > What is a reasonable runtime to expect on those PoCs post-patch? > > I ask because last night I left Joseph's code running on a ~2.3GHz Intel and > it was still going this morning [was in seq_next_seq_nocache()]. > > Thanks!
get_next_seq_nocache() that is. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1048203 Title: (CVE-2012-4412) glibc: strcoll() integer overflow leading to buffer overflow To manage notifications about this bug go to: https://bugs.launchpad.net/glibc/+bug/1048203/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
