Date: Sun, 3 May 2015 18:24:18 +0200
From: Sebastian Andrzej Siewior <cve-announce@...breakpoint.cc>
To: oss-security@...ts.openwall.com
Subject: CVE-2015-2222: clamav: crash on crafted petite packed file

Petite is a tool for compressing PE files on Windows. Clamav is a virus scanning tool which is able to unpack such files during scanning.

Once the file has been identified as "petite" compressed before the decompressing process is started it is possible that a specially crafted file tells clamav to read more data than it allocated memory for. On glibc it leads to SIGABRT on free() since glibc's malloc() recognizes this.

A fix to this bug is part of the 0.98.7 release. This is a different issue than the one reported in CVE-2015-1463.

This bug has been discovered by AFL, american fuzzy lop.

http://www.un4seen.com/petite/
http://www.clamav.net/
https://github.com/vrtadmin/clamav-devel/commit/8aeedf3c4282bc916d6f6c290e1e530d125ec953
http://lcamtuf.coredump.cx/afl/

Sebastian
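The bug class described in the message above, a length taken from the scanned file that exceeds what was allocated, is normally closed by validating every file-supplied offset and size against both buffers before copying. The following is an added example, not code from ClamAV or from the original message; the struct and function names (`section_desc`, `range_ok`, `copy_section`) and the sample values are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical descriptor holding values parsed from an untrusted packed file. */
struct section_desc {
    uint32_t src_off;  /* offset of the data inside the input buffer */
    uint32_t dst_off;  /* offset inside the unpack buffer */
    uint32_t size;     /* number of bytes the file asks us to copy */
};

/* True when [off, off+len) lies inside a buffer of buf_size bytes.
 * off+len is never computed, so the check cannot wrap around.
 * Empty ranges are rejected as malformed. */
static int range_ok(size_t buf_size, uint32_t off, uint32_t len)
{
    return len > 0 && off <= buf_size && len <= buf_size - off;
}

/* Copy one section. Returns 0 on success, -1 when the file-supplied
 * values would read or write outside either allocation. */
int copy_section(uint8_t *dst, size_t dst_size,
                 const uint8_t *src, size_t src_size,
                 const struct section_desc *d)
{
    if (!range_ok(src_size, d->src_off, d->size) ||
        !range_ok(dst_size, d->dst_off, d->size))
        return -1;
    memcpy(dst + d->dst_off, src + d->src_off, d->size);
    return 0;
}

int main(void)
{
    uint8_t in[16] = {0}, out[8];                          /* constructed sample buffers */
    struct section_desc ok      = { 4, 0, 8 };             /* fits both buffers */
    struct section_desc too_big = { 4, 0, 64 };            /* size exceeds allocation */
    struct section_desc wrap    = { 0xFFFFFFF0u, 0, 0x20 };/* off+size would wrap */

    printf("ok=%d too_big=%d wrap=%d\n",
           copy_section(out, sizeof out, in, sizeof in, &ok),
           copy_section(out, sizeof out, in, sizeof in, &too_big),
           copy_section(out, sizeof out, in, sizeof in, &wrap));
    return 0;
}
```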