
MeeGo alert MeeGo-SA-10:40 (bzip2)

From:  "Ware, Ryan R" <ryan.r.ware@intel.com>
To:  "meego-security@meego.com" <meego-security@meego.com>
Subject:  [MeeGo-security] [MeeGo-SA-10:40.bzip2] Overflow in Decompress Function Allows DoS or Execution
Date:  Thu, 20 Jan 2011 16:40:51 -0700
Message-ID:  <5E7AD7D0-DBCB-41D8-8DEA-41240DE09170@intel.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
MeeGo-SA-10:40.bzip2                                        Security Advisory
                                                                MeeGo Project

Topic:          Overflow in Decompress Function Allows DoS or Execution

Category:       File
Module:         bzip2
Announced:      October 9, 2010
Affects:        MeeGo 1.0
Corrected:      October 9, 2010
MeeGo BID:      7737
CVE:            CVE-2010-0405

For general information regarding MeeGo Security Advisories, including
descriptions of the fields above, security branches, and the following
sections, please visit <URL:http://www.MeeGo.com/>.

I.   Background

Bzip2 is a freely available, patent-free, high quality data compressor.
Bzip2 compresses files to within 10 to 15 percent of the capabilities of
the best techniques available. However, bzip2 has the added benefit of
being approximately two times faster at compression and six times faster
at decompression than those techniques. Bzip2 is not the fastest
compression utility, but it does strike a balance between speed and
compression capability.

II.  Problem Description

CVE-2010-0405: Integer overflow in the BZ2_decompress function in
decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted compressed file.

CVSS v2 Base: 5.1 (MEDIUM)
Access Vector: Network exploitable; Victim must voluntarily interact with
attack mechanism

III. Impact

CVE-2010-0405: Unauthorized disclosure of information, modification or
disruption of service due to numeric error (CWE-189)

IV.  Workaround

None

V.   Solution

Update to package firefox-3.6.10-6.1 or later.

VI.  References

http://bugs.meego.com/show_bug.cgi?id=7737
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-...
http://cwe.mitre.org/data/definitions/189.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (Darwin)

iQEcBAEBAgAGBQJNOMR0AAoJEEsJm1wYvCMbFLAH+wbv7augzhU7yzaP23x//S4Q
HIWvmkDMx4QN+NjpHVjDcEj7J4lzUi2Dc7wX64tHhFIY7LVJXalOSl8jJdrU5QBZ
Bjj6Hkpv3ccAI4+FsNfiJEfUi5Ka1//IncxBCxv4ytBOOQ+5V88JTi7YggmJHvmU
sSc+oMj4AEIyUyqoUZuNhICLjti5OVxl295kHQ1ZznnPKWYwLgWM2bM4lR1cON1O
iaSTCBNTVWwjJqqdOZe/0tX7CNeiFvchyX6UHGBOc8LUmuPYSk2+gG6VIA33sBTB
J11cDx4/JHXSrcW9WEyswlBdW7aD8zvGdTH55B68oGl4lcOnn6FDhpnxzsreFHs=
=51Uf
-----END PGP SIGNATURE-----
_______________________________________________
MeeGo-security mailing list
MeeGo-security@meego.com
http://lists.meego.com/listinfo/meego-security
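The advisory gives a CVSS v2 base score of 5.1 (MEDIUM) and says only that the flaw is network exploitable but needs the victim to open the crafted file. The following added example (not part of the MeeGo advisory or of the bzip2 project) carries the CVSS v2 base-score formula through for that rating, so a reader can check where the 5.1 comes from and see how much the "victim must interact" access-complexity term pulls the score down. The full vector string AV:N/AC:H/Au:N/C:P/I:P/A:P is taken from NVD's entry for CVE-2010-0405 and is an assumption here; the advisory text itself does not carry it. The metric weights are those of the CVSS v2 specification.

```python
"""Worked CVSS v2 base-score derivation for MeeGo-SA-10:40 (CVE-2010-0405).

Added example; not code from the advisory or from bzip2/libbzip2.
The vector AV:N/AC:H/Au:N/C:P/I:P/A:P is assumed from NVD's CVE entry.
"""

# CVSS v2 metric weights (CVSS v2 specification, section 3.2.1).
AV = {"L": 0.395, "A": 0.646, "N": 1.0}      # Access Vector
AC = {"H": 0.35, "M": 0.61, "L": 0.71}       # Access Complexity
AU = {"M": 0.45, "S": 0.56, "N": 0.704}      # Authentication
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}     # Confidentiality/Integrity/Availability

# Vector assumed from NVD for CVE-2010-0405 (not stated in the advisory).
ADVISORY_VECTOR = "AV:N/AC:H/Au:N/C:P/I:P/A:P"


def parse_vector(vector: str) -> dict:
    """Parse 'AV:N/AC:H/Au:N/C:P/I:P/A:P' into {metric: value}, rejecting junk."""
    metrics = {}
    for part in vector.split("/"):
        key, sep, val = part.partition(":")
        if not sep or not val:
            raise ValueError(f"malformed metric: {part!r}")
        metrics[key] = val
    for required, table in (("AV", AV), ("AC", AC), ("Au", AU),
                            ("C", CIA), ("I", CIA), ("A", CIA)):
        if required not in metrics:
            raise ValueError(f"missing metric {required}")
        if metrics[required] not in table:
            raise ValueError(f"bad value {metrics[required]!r} for {required}")
    return metrics


def cvss2_base(vector: str) -> tuple:
    """Return (base, impact, exploitability), each rounded to one decimal."""
    m = parse_vector(vector)
    # Impact = 10.41 * (1 - (1-C)*(1-I)*(1-A))
    impact = 10.41 * (1 - (1 - CIA[m["C"]]) * (1 - CIA[m["I"]]) * (1 - CIA[m["A"]]))
    # Exploitability = 20 * AV * AC * Au
    exploitability = 20 * AV[m["AV"]] * AC[m["AC"]] * AU[m["Au"]]
    # f(Impact) = 0 if Impact == 0, else 1.176; a no-impact vector scores 0.
    if impact == 0:
        base = 0.0
    else:
        base = round(((0.6 * impact) + (0.4 * exploitability) - 1.5) * 1.176, 1)
    return base, round(impact, 1), round(exploitability, 1)


def severity(base: float) -> str:
    """NVD's qualitative bands for CVSS v2 base scores."""
    if base >= 7.0:
        return "HIGH"
    if base >= 4.0:
        return "MEDIUM"
    return "LOW"


if __name__ == "__main__":
    base, impact, expl = cvss2_base(ADVISORY_VECTOR)
    print(f"{ADVISORY_VECTOR}: impact={impact} exploitability={expl} "
          f"base={base} ({severity(base)})")
    # Same impact, but without the user-interaction requirement (AC:L):
    # this is what the score would be if any network peer could trigger it.
    alt = "AV:N/AC:L/Au:N/C:P/I:P/A:P"
    base2, _, expl2 = cvss2_base(alt)
    print(f"{alt}: exploitability={expl2} base={base2} ({severity(base2)})")
```

Running it reproduces the advisory's 5.1 (MEDIUM) and shows that the same partial C/I/A impact with AC:L instead of AC:H would score 7.5 (HIGH); the "victim must voluntarily interact" condition is the single term that keeps this file-parsing bug in the medium band, which is worth remembering when libbzip2 is used by a service that decompresses untrusted input without any user in the loop.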



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds