Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 3 May 2015 18:24:18 +0200
From: Sebastian Andrzej Siewior <cve-announce@...breakpoint.cc>
To: oss-security@...ts.openwall.com
Subject: CVE-2015-2222: clamav: crash on crafted petite packed file

Petite [0] is a tool for compressing PE files on windows.
Clamav [1] is a virus scanning tool which is able to unpack
such files during scanning.

Once the file has been identified as "petite" compressed before the
decompressing process is started it is possible that a specially crafted
file tells clamav to read more data than it allocated memory. On glibc it
leads to SIGABRT on free() since glibc's malloc() recognizes this.
A fix to this bug is part of the 0.98.7 release.

This is a different issue than the one reported in CVE-2015-1463.
This bug has been discovered by AFL [3], american fuzzy lop.

[0] http://www.un4seen.com/petite/
[1] http://www.clamav.net/
[2] https://github.com/vrtadmin/clamav-devel/commit/8aeedf3c4282bc916d6f6c290e1e530d125ec953
[3] http://lcamtuf.coredump.cx/afl/

Sebastian

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ