"One bug to rule them all" vulnerability in KJS?

Jacob Welsh jwelsh at eemta.org
Fri Jul 17 06:34:24 BST 2009

Confirmed using http://www.g-sec.lu/crash/select.html. Konqueror memory usage 
climbed to over 1GB in a few seconds, at which point I killed it not wanting 
to go through swap/OOM.

-Jacob Welsh

On Friday 17 July 2009 00:21:03 Michael Pyne wrote:
> There is a flaw provocatively labeled "One bug to rule them all" at this
> link: http://www.g-sec.lu/one-bug-to-rule-them-all.html
> The author claims to have contacted KDE regarding Konqueror and received
> no response.  The bug itself is a unconstrained memory allocation using
> the select() JavaScript function (or something like that).  I have not
> tested the vulnerability since I have to be up in about 6 hours to
> checkout of this hotel and hit the road again. :-/
> This is sent from my webmail and I haven't had time to check the mailing
> lists, I apologize if this is a dupe.  If not we may want to investigate
> this since it's now publicly disclosed.
> Regards,
>  - Michael Pyne

More information about the kde-core-devel mailing list