[v3.0] lzo: potential integer overflow (CVE-2014-4607)
LZO 2.07: Fixed a potential integer overflow condition in the “safe” decompressor variants which could result in a possible buffer overrun when processing maliciously crafted compressed input data.
Comments from http://www.oberhumer.com/opensource/lzo/:
_Fortunately this issue only affects 32-bit systems and also can only happen if you use uncommonly huge buffer sizes where you have to decompress more than 16 MiB (>2^24 bytes) untrusted compressed bytes within a single function call, so the practical implications are limited.
Also I personally do not know about any client program that uses such a huge logical block size and actually is affected.
TL;DR: the Linux kernel is not affected; media hype._
References:
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1232291.html
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
(from redmine: issue id 3112, created on 2014-07-01, closed on 2014-07-25)
- Relations:
  - parent #3108 (closed)
- Changesets:
  - Revision da8a3290 by Natanael Copa on 2014-07-25T09:37:34Z:
    main/lzo: security upgrade to 2.08 (CVE-2014-4607)
    fixes #3112