CVE-2017-1000378
CRITICALNetBSD < 7.1 - Uncontrolled Resource Consumption in qsort()
Title source: llmDescription
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99255
Third Party Advisory x_refsource_misc
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Third Party Advisory x_refsource_misc
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23&content-type=text/x-cvsweb-markup
Scores
CVSS v3
9.8
EPSS
0.0373
EPSS Percentile
88.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-400
Status
published
Products (1)
netbsd/netbsd
< 7.1
Published
Jun 19, 2017
Tracked Since
Feb 18, 2026