oss-sec mailing list archives

Re: Possible CVE Requests: libmspack: several issues

From: Moritz Mühlenhoff <jmm () inutil org>
Date: Sun, 22 Feb 2015 19:55:55 +0100

On Tue, Feb 03, 2015 at 04:52:05PM +0100, Salvatore Bonaccorso wrote:

Hi

Several issues with the libmspack library were reported recently in
the Debian bugtracker by Jakub Wilk. An (older) copy of libmspack is
also embedded in ClamAV (not verified if this version is also affected
by these issues).

The reported bugs are the following:

null pointer dereference on a crafted CAB:
 - https://bugs.debian.org/774665

CHM decompression: division by zero
 - https://bugs.debian.org/774725

CHM decompression: pointer arithmetic overflow
 - https://bugs.debian.org/774726

off-by-one buffer over-read in mspack/mszipd.c
 - https://bugs.debian.org/775498

off-by-one buffer under-read in mspack/lzxd.c
 - https://bugs.debian.org/775499

CHM decompression: another pointer arithmetic overflow
 - https://bugs.debian.org/775687

Could CVEs be assigned for these issues?


This seems to have fallen through the cracks.

Cheers,
        Moritz

Current thread:

Possible CVE Requests: libmspack: several issues Salvatore Bonaccorso (Feb 03)
- Re: Possible CVE Requests: libmspack: several issues Hanno Böck (Feb 03)
- Re: Possible CVE Requests: libmspack: several issues Moritz Mühlenhoff (Feb 22)
  - Re: Possible CVE Requests: libmspack: several issues Salvatore Bonaccorso (Mar 03)