Date: Wed, 21 Jun 2017 14:20:01 +0200 From: Alexander Bergmann <abergmann@...e.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write Hi, It was reported that unrar fixed a VMSF_DELTA memory corruption issue in there latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol Reproducer: Base64-encoded RAR file to trigger the VMSF_DELTA issue: UmFyIRoHAPlOcwAADgAAAAAAAAAAMAh0AAAmAI4AAAAAAAAAAhBBUiEAAAAAHQAGAAAAACBzdGRv dXQgIVUMzRDNmBGByDAda+AXaSv4KvQr1K/oejL05mXmXmww5tEk8gA9k8nmieyeyeswuOR6cx69 a2Hd6zQwu3aoMDDwMEswADAAMD4P938w+dydoRFwAmwAAAAAvv////+/////+9W3QFgAAQAGAAAA Ooimhd12AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA As far as I can tell no CVE was assigned to this issue so far. Regrads, Alex~ -- Alexander Bergmann <abergmann@...e.com>, Security Engineer, GPG:9FFA4886 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ