CVE-2015-8869
Bug description
OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to an internal memmove call to be sign-extended from 32 to 64 bits before being passed to the memmove function.
This causes arguments between 2GiB and 4GiB to be interpreted as larger than they are (specifically, a little below 2^64), causing a buffer overflow.
Arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak.
This commit fixes the bug:
https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762
The function camlbitstring is called indirectly from functions such as String.copy. String.copy, for instance, is supposed to be a "safe" function to which OCaml's memory safety guarantees apply.
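As an added illustration (not the OCaml runtime's own code or the fix in the linked commit), the following C models the 32-to-64-bit sign extension described above and places beside it a blit that keeps the length 64-bit and bounds-checks it before calling memmove; the names sign_extended_len, checked_blit and checked_blit_selfcheck are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Model of the pre-fix behaviour: a 64-bit length is squeezed through a
 * 32-bit signed parameter and then sign-extended back to 64 bits.
 * Truncation and sign extension are written out explicitly so the arithmetic
 * is well-defined C rather than an implementation-defined narrowing cast.
 * (Illustrative model of the bug, not the OCaml runtime's code.) */
size_t sign_extended_len(uint64_t requested) {
    uint32_t low = (uint32_t)requested;            /* keep the low 32 bits only */
    int64_t as_signed = (low & 0x80000000u)
        ? (int64_t)low - ((int64_t)1 << 32)       /* bit 31 set: negative int */
        : (int64_t)low;
    return (size_t)as_signed;                      /* negative -> huge size_t */
}

/* Hardened blit: the length stays 64 bits end to end and is checked against
 * both buffers before memmove runs. Returns 0 on success, -1 if rejected. */
int checked_blit(const unsigned char *src, size_t src_len, size_t src_off,
                 unsigned char *dst, size_t dst_len, size_t dst_off, size_t n) {
    if (src_off > src_len || n > src_len - src_off) return -1;
    if (dst_off > dst_len || n > dst_len - dst_off) return -1;
    memmove(dst + dst_off, src + src_off, n);
    return 0;
}

/* Self-check on constructed buffers: an overlong copy is refused,
 * an in-bounds copy lands where expected. Returns 1 when both hold. */
int checked_blit_selfcheck(void) {
    unsigned char src[8] = "abcdefg";
    unsigned char dst[4] = {0};
    if (checked_blit(src, 8, 0, dst, 4, 0, 8) != -1) return 0;  /* must refuse */
    if (checked_blit(src, 8, 2, dst, 4, 1, 3) != 0) return 0;   /* must accept */
    return dst[1] == 'c' && dst[2] == 'd' && dst[3] == 'e';
}

int main(void) {
    const uint64_t GiB = (uint64_t)1 << 30;
    printf("3 GiB is passed on as %zu bytes\n", sign_extended_len(3 * GiB));
    printf("5 GiB is passed on as %zu bytes\n", sign_extended_len(5 * GiB));
    printf("checked_blit self-check: %d\n", checked_blit_selfcheck());
    return 0;
}
```

Run on a 64-bit build, the 3 GiB case prints a value just below 2^64 and the 5 GiB case prints 1 GiB, matching the two ranges described in the bug description.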
References
https://github.com/ocaml/ocaml/issues/7003
