oss-sec mailing list archives
CVE Request: Squashfs 4.2 Race Condition
From: Jihyeok Seo <limeburst () member fsf org>
Date: Thu, 31 Dec 2015 02:09:43 +0900
A malformed Squashfs filesystem can cause a race condition in unsquashfs. Versions below 4.3 are affected.
This is caused by the decompress thread attempting to access a shared queue, resulting in a SIGSEGV.
struct cache_entry *entry = queue_get(to_deflate);
I have attached a sample filesystem image illustrating this case.
Attachment:
attachment
Description:
Current thread:
- CVE Request: Squashfs 4.2 Race Condition Jihyeok Seo (Dec 30)
- Re: CVE Request: Squashfs 4.2 Race Condition cve-assign (Dec 30)
- Re: CVE Request: Squashfs 4.2 Race Condition Jihyeok Seo (Dec 30)
- Re: Re: CVE Request: Squashfs 4.2 Race Condition Jeremy Stanley (Dec 31)
- Re: CVE Request: Squashfs 4.2 Race Condition Jihyeok Seo (Dec 30)
- Re: CVE Request: Squashfs 4.2 Race Condition cve-assign (Dec 30)