Opened 7 months ago
Closed 7 months ago
#20251 closed enhancement (fixed)
Apply fixes for CVE-2023-52168 and CVE-2023-52169 to p7zip
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 12.2 |
| Component: | BOOK | Version: | git |
| Severity: | blocker | Keywords: | |
| Cc: |
Description ¶
We need to apply patches for CVE-2023-52168 and CVE-2023-52169 to p7zip. I found the patches at OpenSUSE: https://build.opensuse.org/package/show/openSUSE:Leap:15.6/p7zip
The vulnerabilities have been rated as High (8.2), and allow for remote code execution.
CVE-2023-52168: "The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. "
CVE-2023-52169: "The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has security relevance in some known web-service use cases where untrusted users can upload files and have them extracted by a server-side 7-Zip process."
Change History (2)
comment:1 by , 7 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 7 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at 04131a2722e419873f1209fb80b94a33a7e9cf85
SA-12.1-094 issued