File tree Expand file tree Collapse file tree 3 files changed +47
-0
lines changed Expand file tree Collapse file tree 3 files changed +47
-0
lines changed Original file line number Diff line number Diff line change 1+ ../bzlib/HSEC-2024-0002.md
Original file line number Diff line number Diff line change 1+ ../bzlib/HSEC-2024-0002.md
Original file line number Diff line number Diff line change 1+ ``` toml
2+ [advisory ]
3+ id = " HSEC-2024-0002"
4+ cwe = [787 ]
5+ keywords = [" corruption"
6+
7+ [[references ]]
8+ type = " DISCUSSION"
9+ url = " https://gnu.wildebeest.org/blog/mjw/2019/08/02/bzip2-and-the-cve-that-wasnt/"
10+
11+ [[references ]]
12+ type = " FIX"
13+ url = " https://sourceware.org/git/?p=bzip2.git;a=commit;h=7ed62bfb46e87a9e878712603469440e6882b184"
14+
15+ [[affected ]]
16+ package = " bzlib"
17+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
18+
19+ [[affected .versions ]]
20+ introduced = " 0.4"
21+
22+ [[affected ]]
23+ package = " bz2"
24+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
25+
26+ [[affected .versions ]]
27+ introduced = " 0.1.0.0"
28+
29+ [[affected ]]
30+ package = " bzlib-conduit"
31+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
32+
33+ [[affected .versions ]]
34+ introduced = " 0.1.0.0"
35+ ```
36+
37+ # out-of-bounds write when there are many bzip2 selectors
38+
39+ A malicious bzip2 payload may produce a memory corruption
40+ resulting in remote code execution.
41+ Network services or command line utilities decompressing
42+ untrusted bzip2 payloads are affected.
43+
44+ Note that the exploitation of this bug relies on an undefined
45+ behavior that appears to be handled safely by current compiler.
You can’t perform that action at this time.
0 commit comments