Lucene search

K
centosCentOS ProjectCESA-2015:0700
HistoryMar 18, 2015 - 6:53 p.m.

unzip security update

2015-03-1818:53:06
CentOS Project
lists.centos.org
47

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.259 Low

EPSS

Percentile

96.6%

CentOS Errata and Security Advisory CESA-2015:0700

The unzip utility is used to list, test, or extract files from a
zip archive.

A buffer overflow was found in the way unzip uncompressed certain extra
fields of a file. A specially crafted Zip archive could cause unzip to
crash or, possibly, execute arbitrary code when the archive was tested with
unzip’s ‘-t’ option. (CVE-2014-9636)

A buffer overflow flaw was found in the way unzip computed the CRC32
checksum of certain extra fields of a file. A specially crafted Zip archive
could cause unzip to crash when the archive was tested with unzip’s ‘-t’
option. (CVE-2014-8139)

An integer underflow flaw, leading to a buffer overflow, was found in the
way unzip uncompressed certain extra fields of a file. A specially crafted
Zip archive could cause unzip to crash when the archive was tested with
unzip’s ‘-t’ option. (CVE-2014-8140)

A buffer overflow flaw was found in the way unzip handled Zip64 files.
A specially crafted Zip archive could possibly cause unzip to crash when
the archive was uncompressed. (CVE-2014-8141)

Red Hat would like to thank oCERT for reporting the CVE-2014-8139,
CVE-2014-8140, and CVE-2014-8141 issues. oCERT acknowledges Michele
Spagnuolo of the Google Security Team as the original reporter of
these issues.

All unzip users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2015-April/083204.html
https://lists.centos.org/pipermail/centos-announce/2015-March/083143.html
https://lists.centos.org/pipermail/centos-cr-announce/2015-March/028126.html

Affected packages:
unzip

Upstream details at:
https://access.redhat.com/errata/RHSA-2015:0700

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.259 Low

EPSS

Percentile

96.6%

Related for CESA-2015:0700