CVE-2023-33551 (https://github.com/lometsj/blog_repo/issues/2): Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. CVE-2023-33552 (https://github.com/lometsj/blog_repo/issues/1): Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. No references to upstream.
Proposed patches: https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/patch/?id=27aeef179bf17d5f1d98f827e93d24839a6d4176 https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/patch/?id=2145dff03dd3f3f74bcda3b52160fbad37f7fcfe
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65fec4463485c48cd2a2a2803b9adbd3afb43e10 commit 65fec4463485c48cd2a2a2803b9adbd3afb43e10 Author: WANG Xuerui <xen0n@gentoo.org> AuthorDate: 2023-07-15 17:50:16 +0000 Commit: WANG Xuerui <xen0n@gentoo.org> CommitDate: 2023-07-15 17:50:53 +0000 sys-fs/erofs-utils: patch CVE-2023-33551 and CVE-2023-33552 for 1.6 Bug: https://bugs.gentoo.org/907674 Signed-off-by: WANG Xuerui <xen0n@gentoo.org> sys-fs/erofs-utils/erofs-utils-1.6-r1.ebuild | 49 +++++++++ .../files/erofs-utils-1.6-CVE-2023-33551.patch | 70 ++++++++++++ .../files/erofs-utils-1.6-CVE-2023-33552.patch | 117 +++++++++++++++++++++ 3 files changed, 236 insertions(+)
Thanks! Please cleanup when ready.
