Your submission was sent successfully! Close

CVE-2015-4645

Published: 17 March 2017

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
squashfs-tools
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1:4.3-3)
cosmic Not vulnerable
(1:4.3-3)
disco Not vulnerable
(1:4.3-3)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was needed)
upstream
Released (1:4.3-2)
utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(1:4.3-3)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)