CVSROOT: /cvs Module name: src Changes by: mill...@cvs.openbsd.org 2016/12/06 15:32:59
Modified files:
lib/libc/net : linkaddr.c
Log message:
CVE-2016-6559: fix potential buffer overflow(s) in link_ntoa(3).
A specially crafted struct sockaddr_dl argument can trigger a stack
overflow of a static buffer in libc. An attacker may be able to
use this to write to arbitrary locations in the data segment.
>From FreeBSD (glebius); OK deraadt@ mestre@
