On Tue, Nov 27, 2018 at 01:38:43PM +0100, Jordy Zomer wrote:
> Package: sleuthkit
> Version: 4.2.0-3
> Severity: normal
> 
> Dear Maintainer,
> 
> An issue was discovered in The Sleuth Kit (TSK) through 4.6.4.
> The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in
> hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c does not properly check
> boundaries. This results in a crash (SEGV on unknown address READ
> memory access) when reading too much in the destination buffer.
> 
> This is because the boundary check in hfs_traverse_cat wasn't done properly.
> 
> The following CVE was assigned (it's still reserved):
> 
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19497

Fixed in 
https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d

Cheers,
        Moritz
