Message-ID: <20160508221902.04889595@pc1>
Date: Sun, 8 May 2016 22:19:02 +0200
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: dosfstools / fsck.vfat: Several invalid memory accesses

https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html

I lately fuzzed various filesystem check tools. This uncovered a number
of issues in dosfstools / fsck.fat that have now been fixed in the new
version 4.0. All issues were found with american fuzzy lop and address
sanitizer.

https://github.com/dosfstools/dosfstools/issues/11
Global out of bounds read file_stat() / check_dir()
https://github.com/dosfstools/dosfstools/commit/2aad1c83c7d010de36afbe79c9fde22c50aa2f74
Git commit / fix

https://github.com/dosfstools/dosfstools/issues/12
Unclear invalid memory access in get_fat()
https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
Git commit / fix

https://github.com/dosfstools/dosfstools/issues/25
Heap overflow in read_fat()
https://github.com/dosfstools/dosfstools/issues/26
Heap out of bounds read in get_fat()
https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52
Git commit / fix for both issues

These bugs can pose a security risk if a system automatically checks
attached storage media with fsck or in situations where filesystems on
untrusted devices get checked. The new version dosfstools 4.0 fixes all
four bugs.

--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno@...eck.de
GPG: BBB51E42