CVE-2015-8869
ocaml: sizes arguments are sign-extended from 32 to 64 bits
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
OCaml en versiones anteriores a 4.03.0 no maneja correctamente extensiones de firma, lo que permite a atacantes remotos llevar a cabo ataques de desbordamiento de buffer u obtener información sensible según lo demostrado por una cadena larga para la función String.copy.
An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.
OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers, an interactive top level system, parsing tools, a replay debugger, a documentation generator, and a comprehensive library. Security Fix: OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are, causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-04-29 CVE Reserved
- 2016-06-13 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-194: Unexpected Sign Extension
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/04/29/1 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2016/04/29/6 | Mailing List |
|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/89318 | Vdb Entry | |
| https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 24 Search vendor "Fedoraproject" for product "Fedora" and version "24" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
| Ocaml Search vendor "Ocaml" | Ocaml Search vendor "Ocaml" for product "Ocaml" | <= 4.02.3 Search vendor "Ocaml" for product "Ocaml" and version " <= 4.02.3" | - |
Affected
| ||||||