[3.7] libmspack: Multiple vulnerabilities (CVE-2017-6419, CVE-2017-11423)
CVE-2017-6419: heap-based buffer overflow in mspack/lzxd.c
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2,
allows
remote attackers to cause a denial of service (heap-based buffer
overflow and application crash) or possibly have unspecified other
impact via a crafted CHM file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-6419
Patch:
https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
CVE-2017-11423: Stack-based buffer over-read in cabd_read_string function
The cabd_read_string function in mspack/cabd.c in libmspack
0.5alpha,
as used in ClamAV 0.99.2 and other products, allows remote attackers
to
cause a denial of service (stack-based buffer over-read and
application
crash) via a crafted CAB file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-11423
Patch:
https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38
(from redmine: issue id 7756, created on 2017-08-25, closed on 2017-08-28)
- Relations:
- parent #7755 (closed)
- Changesets:
- Revision 4053980e by Francesco Colista on 2017-08-28T13:53:10Z:
main/libmspack: fix for CVE-2017-6419, CVE-2017-11423. Fixes #7756