Описание
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| halibut | fixed | 1.3-1 | package | |
| halibut | no-dsa | bullseye | package | |
| halibut | no-dsa | buster | package |
Примечания
https://carteryagemann.com/halibut-case-study.html#poc-halibut-text-uaf
Inventing an errorstate to pass to all err_* functions and use it to track fatal errors:
https://git.tartarus.org/?p=simon/halibut.git;a=commit;h=5c3db60a2911efb18bdc823264b74d8045c407b9 (1.3)
https://git.tartarus.org/?p=simon/halibut.git;a=commit;h=edaf724febe2f9c890ef1cfdf24a78d5c1da2b32 (1.3)
Связанные уязвимости
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.