Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-4645

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.

Related bugs and status

CVE-2015-4645 (Candidate) is related to these bugs:

Bug #1785499: Make squashfs-tools in Xenial in sync with Bionic and Cosmic

Summary				In	Importance	Status
	1785499	Make squashfs-tools in Xenial in sync with Bionic and Cosmic		squashfs-tools (Ubuntu)	Undecided	Fix Released
	1785499	Make squashfs-tools in Xenial in sync with Bionic and Cosmic		squashfs-tools (Ubuntu Xenial)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/dev...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2015-10750
FEDORA: FEDORA-2015-10760
GENTOO: GLSA-201701-73
BID: 75272
CONFIRM: https://github.com/plo...