Exploitable stack buffer overflow #11
Comments
Is this the same exact payload used to backdoor xz?
Is this exploit applicable to any Linux, or does it only target Debian/Red Hat distributions?
xz-utils versions 5.6.0 and 5.6.1 are compromised; if you are not using Debian sid or another bleeding-edge distro you should be fine.
@64ArthurAraujo
I thought you were asking about the xz vulnerability lol
Good second issue! Unfortunately the maintainer would have considered this as a great new feature.
lgtm
Damn, he was just trying to make sure he can get a hold of you about your car's extended warranty...
Don't worry, we'll just raise a PR in oss-fuzz to skip checking for stack buffer overflow in this repo :)
LGTM
Good afternoon,
There is a stack-based buffer overflow vulnerability in various functions of this library, including stest_assert_string_equal and assert_n_array_equal. If the library is used to test untrusted input (for example, a file you found in tukaani-project/xz) a devious individual would be able to construct a malicious file to achieve arbitrary code execution on anyone running the tests.
I have included an example of how it might look on x86_64 Linux. Here as an example I hijack the return to go to a predefined function, but of course you could ROP instead.
I trust you will fix this issue promptly, I am sure security is a high priority.
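The bug class this issue reports, as an added C illustration that is neither the library's code nor the reporter's proof of concept: an assertion helper that formats its failure message into a fixed stack buffer, beside a bounded version. The function names, the 64-byte buffer and the message format are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define MSG_BUF 64 /* assumed size; the page does not state the library's buffer size */

/* Hypothetical unsafe pattern (for contrast, never called here): sprintf has
 * no bound, so a long expected/actual string writes past msg on the stack. */
int unsafe_string_equal(const char *expected, const char *actual)
{
    char msg[MSG_BUF];
    sprintf(msg, "Expected %s but was %s", expected, actual);
    return strcmp(expected, actual) == 0;
}

/* Bounded version: snprintf writes at most msg_size bytes including the NUL.
 * Returns 1 if equal, 0 if different, -1 on a NULL or empty argument.
 * *truncated is set when the full message did not fit in msg. */
int safe_string_equal(const char *expected, const char *actual,
                      char *msg, size_t msg_size, int *truncated)
{
    if (!expected || !actual || !msg || msg_size == 0 || !truncated)
        return -1;
    int n = snprintf(msg, msg_size, "Expected %s but was %s", expected, actual);
    *truncated = (n < 0 || (size_t)n >= msg_size);
    return strcmp(expected, actual) == 0;
}

/* Constructed stand-in for untrusted test data: 4096 'A' bytes. Guard bytes
 * on either side of the buffer show that nothing outside it was written.
 * Returns 1 when the guards are intact and truncation was reported. */
int long_input_is_contained(void)
{
    struct { char before[8]; char msg[MSG_BUF]; char after[8]; } f;
    char untrusted[4097];
    int truncated = 0;

    memset(f.before, 0x5A, sizeof f.before);
    memset(f.after, 0x5A, sizeof f.after);
    memset(untrusted, 'A', sizeof untrusted - 1);
    untrusted[sizeof untrusted - 1] = '\0';
    int equal = safe_string_equal("ok", untrusted, f.msg, sizeof f.msg, &truncated);
    for (size_t i = 0; i < sizeof f.before; i++)
        if (f.before[i] != 0x5A || f.after[i] != 0x5A)
            return 0;
    return equal == 0 && truncated == 1 && strlen(f.msg) == MSG_BUF - 1;
}

int main(void) { printf("contained: %d\n", long_input_is_contained()); return 0; }
```

Reporting truncation to the caller lets the test harness flag an oversized input explicitly instead of silently printing a clipped message.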