Date: Wed, 17 Jun 2015 19:26:49 -0400
From: Giancarlo Canales <gcanalesb@...com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Possible CVE Request: Multiple stack overflows in squashfs-tools and sasquatch

I recently discovered several highly similar stack overflow weaknesses in squashfs-tools and sasquatch.
This issue has already been made public to both projects, with recommendations on how to fix them, but a fix has not been released by the project maintainers.

Sasquatch is an experimental fork of squashfs-tools.
Squashfs-tools is present in the repositories of Debian, CentOS, and other Linux distributions.

The vulnerability can be exploited by using the unsquashfs command to unpack a malicious squashfs image that causes a stack overflow in an unchecked variable length array.
Thereafter, a function that copies data from the squashfs image to the overflown array is executed.

I’m requesting a CVE number for this vulnerability, per project.

Title: Stack overflows in squash-fs
Products: squash-fs
Affects: All versions
Type: Stack overflow
First CVE ID Request: Yes

Title: Stack overflows in sasquatch
Products: sasquatch
Affects: All versions
Type: Stack overflow
First CVE ID Request: Yes

For information about the stack overflow, please visit:
https://github.com/devttys0/sasquatch/pull/5

Thanks in advance,


Giancarlo Canales Barreto
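
The bug class described in the message above (a stack array sized by a value read from the image, then filled from the image), shown with its hardened form. This is an added example, not code from the original post or from squashfs-tools or sasquatch; the record layout, MAX_ENTRIES, rd_le32 and read_table are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ENTRIES 4096u /* assumed policy limit, not a squashfs constant */

/* Hypothetical record: 4-byte little-endian count, then count 4-byte entries. */
static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/*
 * Unsafe pattern of the kind the report describes (comment only):
 *     uint32_t table[count];              VLA sized by an image-supplied count
 *     memcpy(table, img + 4, count * 4);  copy into it with no check
 *
 * Hardened form: check count against a policy limit and against the bytes
 * actually present, then allocate on the heap instead of the stack.
 * Returns 0 and sets *out and *n on success, -1 on a malformed image.
 */
int read_table(const uint8_t *img, size_t len, uint32_t **out, uint32_t *n)
{
    if (img == NULL || out == NULL || n == NULL || len < 4)
        return -1;
    uint32_t count = rd_le32(img);
    if (count == 0 || count > MAX_ENTRIES)
        return -1;
    if ((len - 4) / 4 < count) /* division avoids overflow in count * 4 */
        return -1;
    uint32_t *table = calloc(count, sizeof *table);
    if (table == NULL)
        return -1;
    for (uint32_t i = 0; i < count; i++)
        table[i] = rd_le32(img + 4 + (size_t)i * 4);
    *out = table;
    *n = count;
    return 0;
}

int main(void)
{
    /* Constructed sample: header claims 0x7fffffff entries, 4 bytes follow. */
    const uint8_t img[] = { 0xff, 0xff, 0xff, 0x7f, 0, 0, 0, 0 };
    uint32_t *t = NULL, n = 0;
    printf("oversized count: %d\n", read_table(img, sizeof img, &t, &n));
    return 0;
}
```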
