bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.
References
Link | Resource |
---|---|
https://github.com/extramaster/bchunk/issues/3 | Issue Tracking Patch Third Party Advisory |
https://github.com/hessu/bchunk/issues/1 | |
https://lists.debian.org/debian-lts-announce/2017/11/msg00001.html | |
https://www.debian.org/security/2017/dsa-4026 | Third Party Advisory |
https://github.com/extramaster/bchunk/issues/3 | Issue Tracking Patch Third Party Advisory |
https://github.com/hessu/bchunk/issues/1 | |
https://lists.debian.org/debian-lts-announce/2017/11/msg00001.html | |
https://www.debian.org/security/2017/dsa-4026 | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/extramaster/bchunk/issues/3 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/hessu/bchunk/issues/1 - | |
References | () https://lists.debian.org/debian-lts-announce/2017/11/msg00001.html - | |
References | () https://www.debian.org/security/2017/dsa-4026 - Third Party Advisory |
Information
Published : 2017-10-28 21:29
Updated : 2024-11-21 03:15
NVD link : CVE-2017-15954
Mitre link : CVE-2017-15954
CVE.ORG link : CVE-2017-15954
JSON object : View
Products Affected
debian
- debian_linux
bchunk_project
- bchunk
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer