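Package: sleuthkit
Version: 4.2.0-3
Severity: normal

Dear Maintainer,

An issue was discovered in The Sleuth Kit (TSK) through 4.6.4. The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c does not properly check boundaries. This results in a crash (SEGV on unknown address READ memory access) when reading too much in the destination buffer. This is because the boundary check in hfs_traverse_cat wasn't done properly.

The following CVE was assigned (it's still reserved):
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19497

I have contacted the maintainer and submitted a pull request but after 3 days there's still no response. I have also validated the patch and can confirm that it fixes the issue.

The pull request can be found on:
https://github.com/sleuthkit/sleuthkit/pull/1374

I hope I have informed you enough, do not hesitate to contact me if you have any further questions.

Thank you for your time.

Kind Regards,
Jordy Zomer

-- System Information:
Debian Release: stretch/sid
  APT prefers xenial-updates
  APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 'xenial'), (100, 'xenial-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-134-generic (SMP w/3 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sleuthkit depends on:
ii  file                1:5.25-2ubuntu1.1
ii  libafflib0v5        3.7.7-3
ii  libc6               2.23-0ubuntu10
ii  libdate-manip-perl  6.52-1
ii  libewf2             20140608-6
ii  libgcc1             1:6.0.1-0ubuntu1
ii  libstdc++6          5.4.0-6ubuntu1~16.04.10
ii  libtsk13            4.2.0-3
ii  perl                5.22.1-9ubuntu0.5

sleuthkit recommends no packages.

Versions of packages sleuthkit suggests:
pn  autopsy     <none>
pn  mac-robber  <none>

-- no debconf information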
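
Added illustration, not part of the report above and not code from The Sleuth Kit or from the pull request: a bounds-checked 16-bit read of the kind the report says was missing before the value at rec_buf[rec_off2] is fetched. The record layout, the function names and the sample buffers are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample node: key length 4, key "ABCD", record type 0x0002. */
const uint8_t good_node[] = {0x00, 0x04, 'A', 'B', 'C', 'D', 0x00, 0x02};
/* Constructed malformed node: key length 0x0100 points far past 8 bytes. */
const uint8_t bad_node[]  = {0x01, 0x00, 'A', 'B', 'C', 'D', 0x00, 0x02};

/* Read a big-endian u16 only if both of its bytes lie inside the buffer. */
static int read_be16(const uint8_t *buf, size_t len, size_t off, uint16_t *out)
{
    if (off > len || len - off < 2)   /* subtraction form: no off + 2 wrap */
        return -1;
    *out = (uint16_t)((buf[off] << 8) | buf[off + 1]);
    return 0;
}

/*
 * Hypothetical record layout inside one node buffer:
 *   [rec_off]               u16 key length (taken from the image, untrusted)
 *   [rec_off + 2]           key bytes
 *   [rec_off + 2 + keylen]  u16 record type
 * Returns the record type, or -1 if any read would leave the node buffer.
 */
int record_type(const uint8_t *node, size_t nodesize, size_t rec_off)
{
    uint16_t keylen, type;

    if (read_be16(node, nodesize, rec_off, &keylen) != 0)
        return -1;
    /* The second offset is derived from on-disk data, so it is checked
     * again against nodesize instead of being trusted. */
    size_t rec_off2 = rec_off + 2 + (size_t)keylen;
    if (read_be16(node, nodesize, rec_off2, &type) != 0)
        return -1;
    return (int)type;
}

int main(void)
{
    printf("good: %d\n", record_type(good_node, sizeof good_node, 0));
    printf("bad:  %d\n", record_type(bad_node, sizeof bad_node, 0));
    return 0;
}
```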
An issue was discovered in The Sleuth Kit (TSK) through 4.6.4. The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c does not properly check boundaries. This results in a crash (SEGV on unknown address READ memory access) when reading too much in the destination buffer. this is because the boundary check in hfs_traverse_cat wasn't done properly. The following CVE was assigned (It's still reserved): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19497 I have contacted the maintainer and submitted a pull request but after 3 days there's still no response. I have also validated the patch and can confirm that it fixes the issue. The pull request can be found on: https://github.com/sleuthkit/sleuthkit/pull/1374 I hope I have informed you enough, do not hesitate to contact me if you have any further questions. Thank you for your time. Kind Regards, Jordy Zomer -- System Information: Debian Release: stretch/sid APT prefers xenial-updates APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 'xenial'), (100, 'xenial-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.0-134-generic (SMP w/3 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages sleuthkit depends on: ii file 1:5.25-2ubuntu1.1 ii libafflib0v5 3.7.7-3 ii libc6 2.23-0ubuntu10 ii libdate-manip-perl 6.52-1 ii libewf2 20140608-6 ii libgcc1 1:6.0.1-0ubuntu1 ii libstdc++6 5.4.0-6ubuntu1~16.04.10 ii libtsk13 4.2.0-3 ii perl 5.22.1-9ubuntu0.5 sleuthkit recommends no packages. Versions of packages sleuthkit suggests: pn autopsy <none> pn mac-robber <none> -- no debconf information