Back to search
CVE-2012-4025
Published: Jul 19, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20120719 CVE-2012-4024 and CVE-2012-4025: Squashfs overflows
mailing-list
x_refsource_MLIST
83899
vdb-entry
x_refsource_OSVDB
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0001
x_refsource_CONFIRM
54610
vdb-entry
x_refsource_BID
GLSA-201612-40
vendor-advisory
x_refsource_GENTOO
MDVSA-2013:128
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now