CVE-2012-4024
Publication date 19 July 2012
Last updated 24 July 2024
Ubuntu priority
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file constructed by the program's user; however, there are some realistic situations in which a list file would be obtained from an untrusted remote source.
Status
Package | Ubuntu Release | Status |
---|---|---|
squashfs-tools | ||
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
Patch details
Package | Patch details |
---|---|
squashfs-tools |