CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)

Processing an overlong pathname in the sunrpc clnt_create function results in a stack-based buffer overflow. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
author: Florian Weimer <fweimer@redhat.com> 2022-01-17 10:21:34 +0100
committer: Florian Weimer <fweimer@redhat.com> 2022-01-17 10:22:00 +0100
commit: 226b46770c82899b555986583294b049c6ec9b40 (patch)
tree: 2112b32dabd8b2f33ead4ef15eef34705ff04b98 /NEWS
parent: e368b12f6c16b6888dda99ba641e999b9c9643c8 (diff)
download: glibc-226b46770c82899b555986583294b049c6ec9b40.zip
glibc-226b46770c82899b555986583294b049c6ec9b40.tar.gz
glibc-226b46770c82899b555986583294b049c6ec9b40.tar.bz2
1 files changed, 3 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index ddd95a8..38a9ddb 100644
--- a/NEWS
+++ b/NEWS
@@ -156,7 +156,9 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
-  [Add security related changes here]
+  CVE-2022-23219: Passing an overlong file name to the clnt_create
+  legacy function could result in a stack-based buffer overflow when
+  using the "unix" protocol.  Reported by Martin Sebor.
 
 The following bugs are resolved with this release:
author	Florian Weimer <fweimer@redhat.com>	2022-01-17 10:21:34 +0100
committer	Florian Weimer <fweimer@redhat.com>	2022-01-17 10:22:00 +0100
commit	226b46770c82899b555986583294b049c6ec9b40 (patch)
tree	2112b32dabd8b2f33ead4ef15eef34705ff04b98 /NEWS
parent	e368b12f6c16b6888dda99ba641e999b9c9643c8 (diff)
download	glibc-226b46770c82899b555986583294b049c6ec9b40.zip glibc-226b46770c82899b555986583294b049c6ec9b40.tar.gz glibc-226b46770c82899b555986583294b049c6ec9b40.tar.bz2