oss-sec mailing list archives
CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write
From: Alexander Bergmann <abergmann () suse com>
Date: Wed, 21 Jun 2017 14:20:01 +0200
Hi,

It was reported that unrar fixed a VMSF_DELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reached upstream rar.

https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol

Reproducer:
Base64-encoded RAR file to trigger the VMSF_DELTA issue:

As far as I can tell no CVE was assigned to this issue so far.

Regards,
Alex~

--
Alexander Bergmann <abergmann () suse com>, Security Engineer, GPG:9FFA4886
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)
Current thread:
- CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write Alexander Bergmann (Jun 21)
- Re: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write Alexander Bergmann (Jun 22)
- Re: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write Andreas Stieger (Jun 29)