Package name
libgtop2
Date
2007-01-18
Advisory ID
MDKSA-2007:023
Affected versions
2007.0 x86_64 , 2007.0 i586

Problem description

Stack-based buffer overflow in the glibtop_get_proc_map_s function in
libgtop before 2.14.6 (libgtop2) allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via a process
with a long filename that is mapped in its address space, which
triggers the overflow in gnome-system-monitor.

The updated packages have been patched to correct this problem.

Updated packages

2007.0 x86_64

 6c29e33986f8edcb030c51c2a3f11284  2007.0/x86_64/lib64gtop2.0_7-2.14.3-1.1mdv2007.0.x86_64.rpm
 7686a3045392d92d1f8a0e3e481b2172  2007.0/x86_64/lib64gtop2.0_7-devel-2.14.3-1.1mdv2007.0.x86_64.rpm
 fd1b70ddc81ee08e70661710883255d5  2007.0/x86_64/libgtop2-2.14.3-1.1mdv2007.0.x86_64.rpm 
 d814d8ae476947ff129624b4bbf3c468  2007.0/SRPMS/libgtop2-2.14.3-1.1mdv2007.0.src.rpm

2007.0 i586

 9a42ece573e6285e548d3611d905962b  2007.0/i586/libgtop2-2.14.3-1.1mdv2007.0.i586.rpm
 015d57a79518ea22832f6fbda39271a2  2007.0/i586/libgtop2.0_7-2.14.3-1.1mdv2007.0.i586.rpm
 90c71d829f0ecf9a190cd6f883d7641d  2007.0/i586/libgtop2.0_7-devel-2.14.3-1.1mdv2007.0.i586.rpm 
 d814d8ae476947ff129624b4bbf3c468  2007.0/SRPMS/libgtop2-2.14.3-1.1mdv2007.0.src.rpm

References