3 matches found
The vulnerability of the fill_mishblk() function in the dmg dmg2img conversion tool, which involves reading data beyond the allowed buffer limits, allows an attacker to access confidential data and cause service interruptions.
The vulnerability of the fillmishblk function in the dmg2img conversion tool involves checking the length of the read and write buffer bytes 0xCC. Exploiting this vulnerability can allow an attacker to gain access to confidential data and also cause service interruptions...
CVE-2021-32614
A flaw was found in dmg2img through 20170502. fillmishblk does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to...
UBUNTU-CVE-2021-32614
A flaw was found in dmg2img through 20170502. fillmishblk does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to...