lzo: potential integer overflow (CVE-2014-4607)
LZO 2.07: Fixed a potential integer overflow condition in the “safe” decompressor variants which could result in a possible buffer overrun when processing maliciously crafted compressed input data.
Comments from http://www.oberhumer.com/opensource/lzo/:
_Fortunately this issue only affects 32-bit systems and also can only happen if you use uncommonly huge buffer sizes where you have to decompress more than 16 MiB (>2^24 bytes) untrusted compressed bytes within a single function call, so the practical implications are limited.
Also I personally do not know about any client program that uses such a huge logical block size and actually is affected.
TL;DR: the Linux kernel is not affected; media hype._
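As an added illustration (not LZO's source and not an attachment of this issue) of the kind of 32-bit length-accumulation overflow the advisory describes: a simplified run-length prefix decoder, the unchecked form beside a hardened one, exercised on a constructed run of about 16.8 MB. The encoding modelled here (255 per zero byte, terminator added last), the function names, and the use of `uint32_t` to stand in for a 32-bit `size_t` are assumptions for the model.

```c
#include <stdint.h>
#include <stdlib.h>

/* Simplified model (an assumption, not LZO's own source) of an LZ-style run
 * length prefix: each 0x00 byte adds 255, the first non-zero byte ends the run
 * and is added too.  uint32_t stands in for a 32-bit size_t on any host.
 * Both decoders return the input bytes consumed, or 0 on error. */
static size_t decode_len_unchecked(const unsigned char *ip, size_t avail, uint32_t *out)
{
    uint32_t t = 0; size_t i = 0;
    while (i < avail && ip[i] == 0) { t += 255; i++; }   /* silently wraps */
    if (i >= avail) return 0;                            /* truncated input */
    *out = (uint32_t)(t + ip[i++]);
    return i;
}

/* Hardened variant: reject any run whose length would not fit in 32 bits. */
static size_t decode_len_checked(const unsigned char *ip, size_t avail, uint32_t *out)
{
    uint32_t t = 0; size_t i = 0;
    while (i < avail && ip[i] == 0) {
        if (t > UINT32_MAX - 255) return 0;              /* next step would wrap */
        t += 255; i++;
    }
    if (i >= avail) return 0;
    if (t > UINT32_MAX - ip[i]) return 0;                /* final add would wrap */
    *out = (uint32_t)(t + ip[i++]);
    return i;
}

uint32_t small_run_demo(void)
{
    static const unsigned char run[] = {0, 0, 0, 7};     /* -> 3*255 + 7 = 772 */
    uint32_t v = 0;
    return decode_len_checked(run, sizeof run, &v) == 4 ? v : 0;
}

/* Constructed worst case: n zero bytes with n * 255 == UINT32_MAX, then a
 * terminator of 1; about 16.8 MB, just over the 2^24 figure quoted above.
 * Returns 1 if the unchecked decoder wraps to 0 while the checked one
 * rejects the same input, -1 on allocation failure. */
int run_demo(void)
{
    const size_t n = 16843009;
    unsigned char *buf = calloc(n + 1, 1);
    uint32_t a = 1, b = 1; size_t na, nb;
    if (!buf) return -1;
    buf[n] = 1;                                          /* pushes the sum past 2^32 */
    na = decode_len_unchecked(buf, n + 1, &a);
    nb = decode_len_checked(buf, n + 1, &b);
    free(buf);
    return (na == n + 1 && a == 0 && nb == 0) ? 1 : 0;
}
```

The 16,843,010-byte input consumed here is larger than 2^24 (16,777,216) bytes, which is why a 32-bit accumulator only wraps for inputs of the size the advisory mentions.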
References:
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1232291.html
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
(from redmine: issue id 3108, created on 2014-07-01, closed on 2014-07-25)
- Relations:
  - relates #3113
  - relates #3119 (closed)
  - child #3109 (closed)
  - child #3110 (closed)
  - child #3111 (closed)
  - child #3112 (closed)