[Secure-testing-team] Bug#865461: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Felix Geyer
fgeyer at debian.org
Wed Jun 21 17:04:08 UTC 2017
Package: unrar
Version: 1:4.1.4-1+deb7u1
Severity: grave
Tags: security
Justification: user security hole
The VMSF_DELTA filter in unrar allows arbitrary memory write.
See the Google Project Zero report:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6
This affects all Debian releases (verified with the provided test case on i386).
Felix
More information about the Secure-testing-team
mailing list