Advisories » MGASA-2015-0406

Updated fuseiso packages fix security vulnerabilities

Publication date: 25 Oct 2015
Modification date: 25 Oct 2015
Type: security
Affected Mageia releases : 5

Description

An integer overflow, leading to a heap-based buffer overflow flaw was
found in the way FuseISO, a FUSE module to mount ISO filesystem images,
performed reading of certain ZF blocks of particular inodes. A remote
attacker could provide a specially-crafted ISO file that, when mounted via
the fuseiso tool would lead to fuseiso binary crash.

A stack-based buffer overflow flaw was found in the way FuseISO, a FUSE
module to mount ISO filesystem images, performed expanding of directory
portions for absolute path filename entries. A remote attacker could
provide a specially-crafted ISO file that, when mounted via fuseiso tool
would lead to fuseiso binary crash or, potentially, arbitrary code
execution with the privileges of the user running the fuseiso executable.
This issue was discovered by Florian Weimer of Red Hat Product Security
Team. The issue got resolved by checking the resulting length of an
absolute path name and by bailing out if the platform's PATH_MAX value
gets exceeded.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16872
• http://lwn.net/Alerts/658923/

SRPMS

5/core

• fuseiso-20070708-11.1.mga5