Project

General

Profile

Bug #9669

Bug #9667: cabextract: Buffer overflow (CVE-2018-18584)

[3.8] cabextract: Buffer overflow (CVE-2018-18584)

Added by Alicha CH 2 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Start date:
11/21/2018
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:
CVE-2018-18584

Description

cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block,
leading to an out-of-bounds write.

Fixed In Version:

cabextract 1.8

References:

https://www.cabextract.org.uk
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18584
https://www.openwall.com/lists/oss-security/2018/10/22/1

History

#1 Updated by Natanael Copa about 2 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH about 2 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF