
Bug 904037 (CVE-2023-29415, CVE-2023-29416, CVE-2023-29418, CVE-2023-29419, CVE-2023-29420, CVE-2023-29421)

Summary: <app-arch/bzip3-1.3.0: multiple vulnerabilities
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: CONFIRMED ---
Severity: minor
CC: ago, xgqt
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=904040
Whiteboard: B3 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 904040    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-08 16:38:03 UTC
CVE-2023-29415 (https://github.com/kspalaiologos/bzip3/issues/95):

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

CVE-2023-29416 (https://github.com/kspalaiologos/bzip3/issues/92):

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

CVE-2023-29418 (https://github.com/kspalaiologos/bzip3/issues/92):

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.

CVE-2023-29419 (https://github.com/kspalaiologos/bzip3/issues/92):

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read.

CVE-2023-29420 (https://github.com/kspalaiologos/bzip3/issues/92):

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block.

CVE-2023-29421 (https://github.com/kspalaiologos/bzip3/issues/94):

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.

Seems like all issues are indeed fixed in 1.3.0. Please stabilize.

ago: please request update(s) to the CVE(s) per
https://github.com/kspalaiologos/bzip3/issues/95#issuecomment-1500039775