Date: Wed, 17 Jun 2015 19:26:49 -0400 From: Giancarlo Canales <gcanalesb@...com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Possible CVE Request: Multiple stack overflows in squashfs-tools and sasquatch I recently discovered several highly similar stack overflow weakness in squashfs-tools and sasquatch. This issue has already been made public to both projects, with recommendations on how to fix them, but a fix has not been released by the project maintainers. Sasquatch is an experimental fork of squashfs-tools. Squashfs-tools is present in the repositories of Debian, CentOS, and other Linux distributions. The vulnerability can be exploited by using the unsquashfs command to unpack a malicious squashfs image that causes a stack overflow in an unchecked variable length array. Thereafter, a function that copies data from the squashfs image to the overflown array is executed. I’m requesting a CVE number for this vulnerability, per project. Title: Stack overflows in squash-fs Products: squash-fs Affects: All versions Type: Stack overflow First CVE ID Request: Yes Title: Stack overflows in sasquatch Products: sasquatch Affects: All versions Type: Stack overflow First CVE ID Request: Yes Fore information about the stack overflow, please visit: https://github.com/devttys0/sasquatch/pull/5 Thanks in advance, Giancarlo Canales Barreto Download attachment "signature.asc" of type "application/pgp-signature" (843 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ