PT-2016-3341 · Julian Seward+4 · Bzip2+4

Published

2016-06-30

·

Updated

2024-06-15

·

CVE-2016-3189

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions bzip2 version 1.0.6
Description The issue is related to a use-after-free vulnerability in the bzip2recover function of the bzip2 software, which can be exploited by remote attackers to cause a denial of service (crash) via a crafted bzip2 file. This is related to block ends being set to before the start of the block. Additionally, there is an out-of-bounds write issue in the BZ2 decompress function when there are many selectors.
Recommendations For bzip2 version 1.0.6, consider updating to a newer version to mitigate the risk, although the specific fixed version is not provided in the available information. As a temporary workaround, consider restricting the use of the bzip2recover function and avoiding the processing of crafted bzip2 files until a patch is available.

Exploit

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2017-2503
ALT-PU-2020-1417
ALT-PU-2020-3317
ALT-PU-2020-3353
ALT-PU-2022-1530
ALT-PU-2023-1518
ALT-PU-2024-2598
ALT-PU-2024-3474
BDU:2021-01720
CVE-2016-3189
DLA-1833-1
FREEBSD-SA-19_18
MGASA-2016-0400
OPENSUSE-SU-2019:1398-1
OPENSUSE-SU-2019:1435-1
OPENSUSE-SU-2019_1398-1
OPENSUSE-SU-2019_1435-1
OPENSUSE-SU-2024:10667-1
PSF-2016-5
PSF-2019-4
SUSE-SU-2019:1206-1
SUSE-SU-2019:1206-2
SUSE-SU-2019:14122-1
SUSE-SU-2019:1955-1
SUSE-SU-2019_1206-1
SUSE-SU-2019_1206-2
SUSE-SU-2019_14122-1
SUSE-SU-2019_1955-1
USN-4038-1
USN-4038-2
USN-4038-3
USN-4038-4

Affected Products

Alt Linux
Freebsd
Suse
Ubuntu
Bzip2