1401865 – (CVE-2014-9913) CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files()

Bug 1401865 (CVE-2014-9913) - CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files()

Summary: CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files()

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2014-9913
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1401866
TreeView+	depends on / blocked

Reported:	2016-12-06 09:47 UTC by Andrej Nemec
Modified:	2019-09-29 14:01 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-12-06 09:47:40 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2016-12-06 09:47:03 UTC

A buffer overflow vulnerability was found in "unzip -l" via list_files() in list.c.  This issue is caught by fortify source.

Original report from 2014:

http://seclists.org/oss-sec/2014/q4/497

CVE assignment:

http://seclists.org/oss-sec/2016/q4/601

Comment 1 Tomas Hoger 2016-12-13 14:10:38 UTC

This issue was previously reported here:

https://bugzilla.redhat.com/show_bug.cgi?id=1191136#c1

The issue was already corrected in Fedora unzip packages.  This issue is not planned to be corrected in the unzip packages in Red Hat Enterprise Linux 5, 6, and 7, as the problem is caught by FORTIFY_SOURCE, limiting impact to a crash of the unzip command.

Comment 3 Tomas Hoger 2016-12-13 14:29:00 UTC

Related upstream forums discussion:

http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=529

Note You need to log in before you can comment on or make changes to this bug.