DSA-4160-1 libevt -- security update

To: debian-security-tracker@lists.debian.org
Subject: DSA-4160-1 libevt -- security update
From: Joachim Metz <joachim.metz@gmail.com>
Date: Mon, 2 Apr 2018 16:51:19 +0200
Message-id: <[🔎] CAPq-Lw2gyAjBmd_xu1JOcH=4NbSff=NDwWq6=cFLymyig0U96g@mail.gmail.com>

I'm the maintainer of libevt, this security issue
(https://www.debian.org/security/2018/dsa-4160) was brought to my
attention.

It was discovered that insufficient input sanitising in libevt, a
library to access the Windows Event Log (EVT) format, could result in
denial of service or the execution of arbitrary code if a malformed
EVT file is processed.

"the execution of arbitrary code"

where is the proof of these claims?

the bug is a heap read out of bounds until now I've not seen proof of
possible exploitation.

Reply to:

Follow-Ups:
- Re: DSA-4160-1 libevt -- security update
  - From: Joachim Metz <joachim.metz@gmail.com>

Prev by Date: External check
Next by Date: DSA candidates
Previous by thread: External check
Next by thread: Re: DSA-4160-1 libevt -- security update
Index(es):
- Date
- Thread