Description
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as
used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other
products, that can lead to arbitrary code execution. An integer overflow
can be caused in DataSize+CurChannel. The result is a negative value of the
"DestPos" variable, which allows the attacker to write out of bounds when
setting Mem[DestPos].
Package
Upstream: | released
(0.99-4)
|
Ubuntu 18.04 LTS: | released
(0.99-4ubuntu1)
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [0.99-0ubuntu0.14.04.2])
|
Patches:
Package
Upstream: | released
(1:5.3.2-1+deb9u1, 1:5.5.5-1)
|
Ubuntu 18.04 LTS: | not-affected
(5.5.8-1)
|
Ubuntu 14.04 ESM: | DNE
(trusty was needed)
|
Patches:
Updated: 2022-04-13 12:01:03 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)