CVE-2014-9732

Published: 11 June 2015

The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive.

From the Ubuntu Security Team

It was discovered that cabextract incorrectly handled certain malformed CAB files. An attacker could use this issue to cause cabextract to crash, resulting in a denial of service.

Priority

Status

Package	Release	Status
cabextract Launchpad, Ubuntu, Debian	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	precise	Does not exist
	trusty	Released (1.4-4ubuntu0.1~esm1)
	upstream	Released (1.6-1)
	xenial	Not vulnerable
libmspack Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	precise	Does not exist
	trusty	Released (0.4-1ubuntu0.1~esm1)
	upstream	Released (0.5-1)
	utopic	Ignored (reached end-of-life)
	vivid	Not vulnerable (0.5-1)
	wily	Not vulnerable
	xenial	Not vulnerable
	yakkety	Not vulnerable
	zesty	Not vulnerable

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774665

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›