Date: Sat, 24 Oct 2015 17:54:10 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Two out of bounds reads in Zstandard / zstd https://blog.fuzzing-project.org/26-Two-out-of-bounds-reads-in-Zstandard-zstd.html Zstandard or short zstd is a new compression algorithm and tool developed by Yann Collet. Fuzzing zstd with american fuzzy lop and address sanitizer uncovered two out of bounds reads. Heap out of bounds read in function ZSTD_copy8: https://crashes.fuzzing-project.org/zstd-oob-heap-ZSTD_copy8 Input sample https://github.com/Cyan4973/zstd/issues/49 Upstream bug report https://github.com/Cyan4973/zstd/commit/fc60883d42f7f860d4573e34b466eca632d57966 Git commit / fix Stack out of bounds read in function HUF_readStats: https://crashes.fuzzing-project.org/zstd-oob-stack-HUF_readStats Input sample https://github.com/Cyan4973/zstd/issues/50 Upstream bug report https://github.com/Cyan4973/zstd/commit/3e8fbabfa8b16fa605038c68c8fac7fe29f4c78a Git commit / fix https://github.com/Cyan4973/zstd/releases/tag/zstd-0.2.1 The new zstd version 0.2.1 fixes both issues. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ