Asarubboo

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.3.0 **Description** An issue was discovered in libbzip3.a in bzip3. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. **Recommendations** For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted archives that may cause the process hang until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.2.3 **Description** An issue was discovered in libbzip3.a. There is an out-of-bounds write in the `bz3 decode block` function. **Recommendations** For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `bz3 decode block` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.2.3 **Description** An issue was discovered in libbzip3.a. There is a crash caused by an invalid memmove in `bz3 decode block`. **Recommendations** For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `bz3 decode block` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.2.3 **Description** An issue was discovered in libbzip3.a. There is a bz3 decode block out-of-bounds read. **Recommendations** For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `bz3 decode block` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.2.3 **Description** An issue was discovered in libbzip3.a. There is an xwrite out-of-bounds read. **Recommendations** For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** bzip3 version 1.2.2 **Description** An issue was discovered in libbzip3.a where there is a `bz3 decompress` out-of-bounds read in certain situations. This occurs when buffers passed to bzip3 do not contain enough space to be filled with decompressed data. The vendor's perspective is that the observed behavior can only occur for a contract violation. **Recommendations** For bzip3 version 1.2.2, consider implementing checks to ensure that buffers passed to bzip3 have enough space to be filled with decompressed data to prevent out-of-bounds reads. As a temporary workaround, consider adding error handling for situations where the decompressed data exceeds the buffer size.

**Name of the Vulnerable Software and Affected Versions** bzip3 versions prior to 1.3.0 **Description** An issue was discovered in libbzip3.a in bzip3. A `bz3 decode block` out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with `libsais`. **Recommendations** For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted archives until a patch is available.

**Name of the Vulnerable Software and Affected Versions** drachtio-server versions prior to 0.8.20 **Description** An issue in drachtio-server allows remote attackers to cause a denial of service, resulting in a daemon crash. This is achieved by sending a long message in a TCP request, which leads to a std::length error. **Recommendations** For versions prior to 0.8.20, update to version 0.8.20 or later to resolve the issue. As a temporary workaround, consider restricting the length of messages in TCP requests to prevent the daemon crash.

**Name of the Vulnerable Software and Affected Versions** drachtio-server versions prior to 0.8.20 **Description** An issue in the libsofia-sip fork allows remote attackers to cause a denial of service via a crafted UDP message, leading to a daemon crash due to a failure in the libsofia-sip-ua/tport/tport.c self assertion. The config sortlist function is also missing checks for input string validity, potentially allowing an arbitrary length stack overflow. **Recommendations** For versions prior to 0.8.20, update to version 0.8.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable libsofia-sip-ua/tport/tport.c module to minimize the risk of exploitation. Avoid using crafted UDP messages that could lead to a denial of service until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** drachtio-server versions prior to 0.8.19 **Description** An issue in the libsofia-sip fork allows remote attackers to cause a denial of service via a crafted UDP message, resulting in a heap-based buffer over-read due to an off-by-one error. This can cause the daemon to crash. **Recommendations** For versions prior to 0.8.19, update to version 0.8.19 or later to resolve the issue. As a temporary workaround, consider restricting access to the UDP endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** drachtio-server version 0.8.18 **Description** The issue concerns the permissions of the /var/log/drachtio directory and the drachtio.log file. Specifically, the directory has a mode of 0777 and the log file has a mode of 0666. This could potentially allow unauthorized access or modification of the log files. **Recommendations** For drachtio-server version 0.8.18, consider changing the permissions of the /var/log/drachtio directory and the drachtio.log file to more restrictive settings to minimize the risk of unauthorized access.

**Name of the Vulnerable Software and Affected Versions** lrzip version 0.631 **Description** The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a crafted archive. This is due to a problem in the bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so. **Recommendations** For lrzip version 0.631, consider updating to a newer version that contains a fix for this issue, as the current version is affected.

**Name of the Vulnerable Software and Affected Versions** Telegram Desktop version 0.10.19 **Description** The issue allows local users to obtain sensitive authentication information via standard filesystem operations due to the use of 0755 permissions for the $HOME/.TelegramDesktop directory. **Recommendations** For Telegram Desktop version 0.10.19, consider changing the permissions of the $HOME/.TelegramDesktop directory to more restrictive settings to prevent unauthorized access.

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

**Name of the Vulnerable Software and Affected Versions** Audio File Library (aka audiofile) version 0.3.6 **Description** The issue allows remote attackers to cause a denial of service (crash) via a crafted file. This is due to the `decodeSample` function in `IMA.cpp`. **Recommendations** For Audio File Library (aka audiofile) version 0.3.6, consider disabling the `decodeSample` function in `IMA.cpp` as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.3.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and crash, via a crafted file. This is related to the `IsPixelMonochrome` function in `MagickCore/pixel-accessor.h`. The vendor has stated that this issue is specific to Q64, which they do not support. **Recommendations** For ImageMagick version 7.0.3.0, consider avoiding the use of the `IsPixelMonochrome` function until a fix is available. As a temporary workaround, restrict the processing of crafted files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.3.3 through 7.0.3.7 **Description** The issue is related to the `AcquireMagickMemory` function in `MagickCore/memory.c`, which allows remote attackers to have an unspecified impact through a crafted image. This triggers a memory allocation failure. The problem exists due to an incomplete fix. **Recommendations** For ImageMagick versions 7.0.3.3 through 7.0.3.7, update to version 7.0.3.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.3-1 **Description** The issue is related to the AcquireQuantumPixels function in MagickCore/quantum.c, which can be exploited by remote attackers using a crafted image file. This exploitation can trigger a memory allocation failure, potentially leading to unspecified impact. **Recommendations** For versions prior to 7.0.3-1, update to version 7.0.3-1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the AcquireQuantumPixels function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.3.3 **Description** The issue is related to the AcquireMagickMemory function in MagickCore/memory.c, which allows remote attackers to have an unspecified impact via a crafted image. This is triggered by a memory allocation failure. **Recommendations** For versions prior to 7.0.3.3, update to version 7.0.3.3 or later to resolve the issue.