CVE-2015-9261

Опубликовано: 26 июл. 2018

Источник: debian

Описание

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.27.2-1		package

Примечания

https://www.openwall.com/lists/oss-security/2015/10/25/3
http://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e
https://git.busybox.net/busybox/commit/archival/libarchive/decompress_gunzip.c?id=6bd3fff51aa74e2ee2d87887b12182a3b09792ef

Связанные уязвимости

CVE-2015-9261

CVSS3: 5.5

ubuntu

больше 7 лет назад

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

CVE-2015-9261

redhat

больше 10 лет назад

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

CVE-2015-9261

CVSS3: 5.5

nvd

больше 7 лет назад

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

GHSA-4ph6-v858-6wh9

CVSS3: 5.5

github

больше 3 лет назад

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

BDU:2021-03344

CVSS3: 6.5

fstec

больше 10 лет назад

Уязвимость функции huft_build компонента archival/libarchive/decompress_gunzip.c набора UNIX-утилит командной строки BusyBox, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании