CVE-2018-18584

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

References

Affected packages

Git / github.com/kyz/libmspack

Affected ranges

Type: GIT
Repo: https://github.com/kyz/libmspack
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2

Affected versions

1.*

1.7

v0.*

v0.0.20060920alpha

v0.3alpha

v0.4alpha

v0.5alpha

v0.6alpha

v0.7.1alpha

v0.7alpha

v1.*

v1.0

v1.1

v1.2

v1.3

v1.4

v1.5

Database specific

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "id": "CVE-2018-18584-3cecbcbb",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "158240116603677036819695488739621403627",
                    "269271669553547603752875556704960232567",
                    "37544086892789893982291370903966203759",
                    "169871899111443360361982281484202037437",
                    "257408676381020978427987901723890493853",
                    "293194494984887529254768129453583513323",
                    "143245517895524289051156808528142211988",
                    "161511177930475588070979568568117240902"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "target": {
                "file": "libmspack/mspack/cab.h"
            },
            "source": "https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2"
        }
    ]
}