Bug 870147 (CVE-2013-6370) - VUL-0: CVE-2013-6370 CVE-2013-6371: json-c: buffer overflow if size_t is larger than int
Status: RESOLVED FIXED
Alias: CVE-2013-6370
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Ismail Dönmez
QA Contact: Security Team bot
Reported: 2014-03-25 12:37 UTC by Marcus Meissner
Modified: 2020-06-08 11:05 UTC

Attachments
json-c-hash-dos-and-overflow-random-seed-4e.patch (25.95 KB, patch)
2014-04-04 08:44 UTC, Marcus Meissner

Comment 21 Alexander Bergmann 2014-04-09 09:24:01 UTC
Public now via oss-security:

Florian Weimer of the Red Hat Product Security Team discovered two flaws
in json-c, details as follows:

1.  CVE-2013-6371 json-c: hash collision DoS

The hash function in the json-c library was weak, and that parsing
smallish JSON strings showed quadratic timing behaviour.  This could
cause an application linked to the json-c library, and that processes
some specially-crafted JSON data, to use excessive amounts of CPU.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=1032311

2. CVE-2013-6370 json-c: buffer overflow if size_t is larger than int

The printbuf APIs used in the json-c library used ints for counting
buffer lengths, which is inappropriate for 32bit architectures.  These
functions need to be changed to using size_t if possible for sizes, or
to be hardened against negative values if not.  This could be used to
cause a denial of service in an application linked to the json-c library.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=1032322


Both these issues are fixed via the following upstream commit:
https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
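
The second flaw quoted above comes down to buffer-length arithmetic done in int. The following is an added example, not json-c's code and not the upstream fix: a growable buffer with int counters, hardened against negative values and against lengths that do not fit in int. The struct demo_buf and both function names are hypothetical.

```c
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer that tracks position and capacity as int. */
struct demo_buf {
    char *buf;
    int   bpos;   /* bytes used, excluding the trailing NUL */
    int   size;   /* bytes allocated */
};

/* Hardened append: validates the request before doing any int arithmetic,
   so bpos + len + 1 can never wrap to a negative or too-small value. */
int demo_buf_append(struct demo_buf *p, const char *src, int len)
{
    if (len < 0 || p->bpos < 0 || p->size < 0 || p->bpos > p->size)
        return -1;
    if (len > INT_MAX - p->bpos - 1)   /* bpos + len + 1 would overflow int */
        return -1;
    int need = p->bpos + len + 1;
    if (need > p->size) {
        int new_size = p->size < 16 ? 16 : p->size;
        while (new_size < need) {
            if (new_size > INT_MAX / 2) { new_size = need; break; }
            new_size *= 2;             /* cannot overflow: checked above */
        }
        char *t = realloc(p->buf, (size_t)new_size);
        if (!t)
            return -1;
        p->buf = t;
        p->size = new_size;
    }
    memcpy(p->buf + p->bpos, src, (size_t)len);
    p->bpos += len;
    p->buf[p->bpos] = '\0';
    return len;
}

/* Entry point for callers holding a size_t length (for example from strlen):
   refuse values that would be truncated or turn negative once cast to int. */
int demo_buf_append_sz(struct demo_buf *p, const char *src, size_t len)
{
    if (len > (size_t)INT_MAX)
        return -1;
    return demo_buf_append(p, src, (int)len);
}
```
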
Comment 23 Bernhard Wiedemann 2014-04-09 10:00:21 UTC
This is an autogenerated message for OBS integration:
This bug (870147) was mentioned in
https://build.opensuse.org/request/show/229464 13.1 / json-c
https://build.opensuse.org/request/show/229465 Factory / json-c
Comment 30 Swamp Workflow Management 2014-04-22 14:04:25 UTC
openSUSE-SU-2014:0558-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 870147
CVE References: CVE-2013-6370,CVE-2013-6371
Sources used:
openSUSE 13.1 (src):    json-c-0.10-3.4.1
openSUSE 12.3 (src):    json-c-0.9-13.4.1