[Bug 12916] New: out-of-bounds write in get_next_block()
bugzilla at busybox.net
Wed May 20 07:20:59 UTC 2020
https://bugs.busybox.net/show_bug.cgi?id=12916
Bug ID: 12916
Summary: out-of-bounds write in get_next_block()
Product: Busybox
Version: 1.31.x
Hardware: All
OS: Linux
Status: NEW
Severity: critical
Priority: P5
Component: Other
Assignee: unassigned at busybox.net
Reporter: mike-broomfield at hotmail.co.uk
CC: busybox-cvs at busybox.net
Target Milestone: ---
get_next_block in decompress_bunzip2.c has an out-of-bounds write when there
are many selectors.
A very similar bug was present in bzip2 through 1.0.6.
You can see the commit that fixed the bzip2 vulnerability at
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc#951eb5324dc64ed8c9225bfcdcb72ee7a3932918
--
You are receiving this mail because:
You are on the CC list for the bug.
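An added example, not code from BusyBox or bzip2, showing the bounds check this class of bug calls for. It assumes the bzip2 block layout (3-bit group count, 15-bit selector count, unary-coded selector indices) and the capacity of 18002 that reference bzip2 uses as BZ_MAX_SELECTORS; `read_selectors`, `demo_parse` and the input bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define MAX_GROUPS    6
#define MAX_SELECTORS 18002  /* 2 + 900000/50; a 15-bit field can claim up to 32767 */

struct bitreader { const uint8_t *buf; size_t len; size_t pos; /* pos counts bits */ };

/* Read n bits MSB-first; returns -1 when the input is exhausted. */
static int get_bits(struct bitreader *br, unsigned n)
{
    int v = 0;
    while (n--) {
        if (br->pos >= br->len * 8) return -1;
        v = (v << 1) | ((br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1);
        br->pos++;
    }
    return v;
}

/* Returns the number of selectors stored in sel[], or -1 on malformed data. */
int read_selectors(struct bitreader *br, uint8_t *sel, size_t cap)
{
    int groups = get_bits(br, 3);
    int count = get_bits(br, 15);
    if (groups < 2 || groups > MAX_GROUPS) return -1;
    /* Validate the attacker-controlled count against capacity before any store. */
    if (count < 1 || (size_t)count > cap) return -1;
    for (int i = 0; i < count; i++) {
        int j = 0, bit;
        while ((bit = get_bits(br, 1)) == 1)       /* unary-coded index */
            if (++j >= groups) return -1;
        if (bit < 0) return -1;                    /* truncated input */
        sel[i] = (uint8_t)j;
    }
    return count;
}

/* Constructed input: 18-bit header, then zero bits (each decodes as index 0). */
int demo_parse(int groups, int count)
{
    static uint8_t in[4200], sel[MAX_SELECTORS];
    uint32_t v = ((uint32_t)groups << 15) | (uint32_t)count;
    in[0] = (uint8_t)(v >> 10); in[1] = (uint8_t)(v >> 2); in[2] = (uint8_t)((v & 3) << 6);
    struct bitreader br = { in, sizeof in, 0 };
    return read_selectors(&br, sel, sizeof sel);
}

int main(void) { printf("%d %d\n", demo_parse(2, 18002), demo_parse(2, 18003)); return 0; }
```

Without the capacity check, a header claiming 32767 selectors would drive the store loop past the end of an 18002-entry array.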