Candidate: CVE-2021-3548
PublicDate: 2021-05-26 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3548
 https://github.com/Lekensteyn/dmg2img/issues/9
Description:
 A flaw was found in dmg2img through 20170502. dmg2img did not validate the
 size of the read buffer during memcpy() inside the main() function. This
 possibly leads to memory layout information leaking in the data. This might
 be used in a chain of vulnerability in order to reach code execution.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H [7.1 HIGH]


Patches_dmg2img:
upstream_dmg2img: needed
precise/esm_dmg2img: DNE
trusty_dmg2img: ignored (out of standard support)
trusty/esm_dmg2img: DNE
xenial_dmg2img: ignored (out of standard support)
bionic_dmg2img: needed
focal_dmg2img: needed
groovy_dmg2img: ignored (reached end-of-life)
hirsute_dmg2img: ignored (reached end-of-life)
impish_dmg2img: needed
jammy_dmg2img: needed
devel_dmg2img: needed