CVSROOT: /cvs Module name: src Changes by: [email protected] 2016/12/06 15:32:59
Modified files:
lib/libc/net : linkaddr.c
Log message:
CVE-2016-6559: fix potential buffer overflow(s) in link_ntoa(3).
A specially crafted struct sockaddr_dl argument can trigger a stack
overflow of a static buffer in libc. An attacker may be able to
use this to write to arbitrary locations in the data segment.
>From FreeBSD (glebius); OK deraadt@ mestre@
