4 matches found
Secure Parsing and Serializing with Separation Logic Applied to CBOR, CDDL, and COSE
Incorrect handling of security-critical data formats, particularly in low-level languages, is the root cause of many security vulnerabilities. Provably correct parsing and serialization tools that target languages like C can help. Towards this end, we present PulseParse, a library of verified...
[SECURITY] Fedora 39 Update: diffoscope-257-1.fc39
diffoscope will try to get to the bottom of what makes files or directories different. It will recursively unpack archives of many kinds and transform various binary formats into more human readable form to compare them. It can compare two tarballs, ISO images, or PDF just as easily. The...
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
...
UUDeview: Insecure temporary file creation
Background: UUdeview is an encoder and decoder supporting various binary formats. NZBGet is a command-line based binary newsgrabber supporting .nzb files. Description: UUdeview makes insecure usage of the tempnam function when creating temporary files. NZBGet includes a copy of the vulnerable code...