File tree Expand file tree Collapse file tree 3 files changed +52
-0
lines changed Expand file tree Collapse file tree 3 files changed +52
-0
lines changed Original file line number Diff line number Diff line change 1+ ../bzlib/HSEC-2024-0002.md
Original file line number Diff line number Diff line change 1+ ../bzlib/HSEC-2024-0002.md
Original file line number Diff line number Diff line change 1+ ``` toml
2+ [advisory ]
3+ id = " HSEC-2024-0002"
4+ cwe = [787 ]
5+ keywords = [" corruption"
6+ aliases = [" CVE-2019-12900"
7+
8+ [[references ]]
9+ type = " DISCUSSION"
10+ url = " https://gnu.wildebeest.org/blog/mjw/2019/08/02/bzip2-and-the-cve-that-wasnt/"
11+
12+ [[references ]]
13+ type = " FIX"
14+ url = " https://sourceware.org/git/?p=bzip2.git;a=commit;h=7ed62bfb46e87a9e878712603469440e6882b184"
15+
16+ [[affected ]]
17+ package = " bzlib"
18+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
19+
20+ [[affected .versions ]]
21+ introduced = " 0.4"
22+
23+ [[affected ]]
24+ package = " bz2"
25+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
26+
27+ [[affected .versions ]]
28+ introduced = " 0.1.0.0"
29+
30+ [[affected ]]
31+ package = " bzlib-conduit"
32+ cvss = " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
33+
34+ [[affected .versions ]]
35+ introduced = " 0.1.0.0"
36+ ```
37+
38+ # out-of-bounds write when there are many bzip2 selectors
39+
40+ A malicious bzip2 payload may produce a memory corruption
41+ resulting in a denial of service and/or remote code execution.
42+ Network services or command line utilities decompressing
43+ untrusted bzip2 payloads are affected.
44+
45+ Note that the exploitation of this bug relies on an undefined
46+ behavior that appears to be handled safely by current compilers.
47+
48+ The Haskell libraires are vulnerable when they are built using
49+ the bundled C library source code, which is the default
50+ in most cases.
You can’t perform that action at this time.
0 commit comments