[Bug 12916] New: out-of-bounds write in get_next_block()

bugzilla at busybox.net bugzilla at busybox.net
Wed May 20 07:20:59 UTC 2020


            Bug ID: 12916
           Summary: out-of-bounds write in get_next_block()
           Product: Busybox
           Version: 1.31.x
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P5
         Component: Other
          Assignee: unassigned at busybox.net
          Reporter: mike-broomfield at hotmail.co.uk
                CC: busybox-cvs at busybox.net
  Target Milestone: ---

get_next_block in decompress_bunzip2.c has an out-of-bounds write when there
are many selectors.

A very similar bug was present in bzip2 through 1.0.6.  

You can see the commit that fixed the bzip2 vulnerability at

You are receiving this mail because:
You are on the CC list for the bug.

More information about the busybox-cvs mailing list