CVE-2014-6272

Impact:
Moderate
Public Date:
2015-01-05
Bugzilla:
1144646: CVE-2014-6272 libevent: potential heap overflow in buffer/bufferevent APIs

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.

Find out more about CVE-2014-6272 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue affects the versions of libevent as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and
maintenance life cycle. This issue is not planned to be addressed in Red Hat
Enterprise Linux 5. For additional information, refer to the Red Hat Enterprise
Linux Life Cycle:https://access.redhat.com/support/policy/updates/errata/.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 5.1
Base Metrics AV:N/AC:H/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 openmpi Not affected
Red Hat Enterprise Linux 7 libevent Fix deferred
Red Hat Enterprise Linux 7 firefox Will not fix
Red Hat Enterprise Linux 7 thunderbird Will not fix
Red Hat Enterprise Linux 6 firefox Will not fix
Red Hat Enterprise Linux 6 thunderbird Will not fix
Red Hat Enterprise Linux 6 openmpi Not affected
Red Hat Enterprise Linux 6 chromium-browser Will not fix
Red Hat Enterprise Linux 6 libevent Fix deferred
Red Hat Enterprise Linux 5 openmpi Not affected
Red Hat Enterprise Linux 5 thunderbird Will not fix
Red Hat Enterprise Linux 5 firefox Will not fix
Red Hat Enterprise Linux 5 libevent Will not fix
Red Hat Enterprise Linux 4 openmpi Will not fix
Red Hat Enterprise Linux 4 nfs-utils Will not fix

Acknowledgements

Red Hat would like to thank Nick Mathewson of Libevent upstream for reporting this issue. Upstream acknowledges Andrew Bartlett of Catalyst as the original reporter.
Last Modified

CVE description copyright © 2017, The MITRE Corporation