FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1)

Affected packages
7.3 <= FreeBSD < 7.3_7
7.4 <= FreeBSD < 7.4_3
8.1 <= FreeBSD < 8.1_5
8.2 <= FreeBSD < 8.2_3

Details

VuXML ID fee94342-4638-11e1-9f47-00e0815b8da8
Discovery 2011-09-28
Entry 2012-01-29

Problem Description:

The code used to decompress a file created by compress(1) does not perform sufficient boundary checks on compressed code words, allowing references beyond the decompression table. This may result in a stack overflow or an infinite loop when the decompressor encounters a corrupted file.
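
The boundary check described above, as an added example (not FreeBSD's code or its patch): an LZW string-expansion loop that rejects any code word above the next free table entry and bounds the expansion stack. The name lzw_decode, the 12-bit table size and the already-unpacked code-word input are assumptions made for this sketch; bit unpacking and CLEAR resets are left out, so a CLEAR code is simply rejected.

```c
#include <stddef.h>
#include <stdint.h>
#define FIRST   257   /* first free entry; 256 is CLEAR (reset not handled here) */
#define MAXCODE 4096  /* assumption: 12-bit table to keep the example small */

/* Expand unpacked code words into out; returns byte count or -1 if corrupt. */
long lzw_decode(const uint16_t *codes, size_t n, uint8_t *out, size_t cap) {
    uint16_t prefix[MAXCODE];
    uint8_t suffix[MAXCODE], stack[MAXCODE], finchar = 0;
    unsigned free_ent = FIRST;
    long oldcode = -1;
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned code = codes[i], incode = code;
        size_t sp = 0;
        if (oldcode < 0) {                 /* first code must be a literal */
            if (code > 255 || cap == 0) return -1;
            out[o++] = finchar = (uint8_t)code;
            oldcode = code;
            continue;
        }
        /* Boundary check: nothing above free_ent exists in the table yet. */
        if (code == 256 || code >= MAXCODE || code > free_ent) return -1;
        if (code == free_ent) {            /* KwKwK: entry being defined now */
            stack[sp++] = finchar;
            code = (unsigned)oldcode;
        }
        while (code >= 256) {              /* walk prefix chain to a literal */
            if (sp >= MAXCODE - 1) return -1;   /* bound the expansion stack */
            stack[sp++] = suffix[code];
            code = prefix[code];
        }
        stack[sp++] = finchar = (uint8_t)code;
        if (sp > cap - o) return -1;       /* output buffer would overflow */
        while (sp > 0) out[o++] = stack[--sp];
        if (free_ent < MAXCODE) {          /* define the next table entry */
            prefix[free_ent] = (uint16_t)oldcode;
            suffix[free_ent++] = finchar;
        }
        oldcode = incode;
    }
    return (long)o;
}

int main(void) { /* constructed inputs: "ABABABA", then an out-of-range code */
    const uint16_t ok[] = {65, 66, 257, 259}, bad[] = {65, 300};
    uint8_t buf[16];
    long a = lzw_decode(ok, 4, buf, sizeof buf), b = lzw_decode(bad, 2, buf, sizeof buf);
    return !(a == 7 && b == -1);
}
```

Because every table entry's prefix is a strictly smaller code once the check is in place, the prefix walk always terminates and the stack depth stays below the table size.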

References

CVE Name CVE-2011-2895
FreeBSD Advisory SA-11:04.compress