lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 30 Nov 2015 10:19:11 +0800
From: ChenQin <chenqin@...sec.com.cn>
To: fulldisclosure@...lists.org
Subject: [FD] [Advisory]LibRaw Multi Memory error[CVE-2015-8366 and
	CVE-2015-8367]

1. Overview
The LibRaw raw image decoder  <= 0.17 has multi vulnerability to cause memory errors,which may cause code execution or other problems.Problems has been fixed in 0.17.1(www.libraw.org/news/libraw-0-17-1).

2.Descryption
Case CVE-2015-8366,Libraw smal_decode_segment function do not handle index carefully,which may cause index overflow. 
Case CVE-2015-8367,Libraw phase_one_correct function do not handle memory object’s initialization correctly,which may cause some other problems.

3.The Solution 
patches for this problem that changes the default is available(git-format-patch).



4.Recommendations 
We suggest you take one of the following actions, in order of preference:
A - Upgrade LibRaw to the latest(www.libraw.org/download)
B - Apply the patch to your version and rebuild

5.Vendor Status
- 2015/11/24 I discovered the memory error bug and reported to the info@...raw.org.
- 2015/11/25 The vendor response with the coordination and publish new release(www.libraw.org/news/libraw-0-17-1 <http://www.libraw.org/news/libraw-0-17-1>).
- 2015/11/26 Cve-id request to the cve-assign@...re.org.
- 2015/11/27 Cve-id assigned,CVE-2015-8366 and CVE-2015-8367,Mailed Vendor.
- 2015/11/30 Publish to fulldisclosure@...lists.org.

6.Credit:
ChenQin <chenqin@...sec.com.cn> of Topsec Security Team(www.topsec.com.cn)
--
Huakong Mansion, 1 East Shangdi Road, Haidian District, Beijing,100085 CN

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ