stack-overflow on ass_parse.c:234 *parse_tag #422
Comments
This issue was assigned CVE-2020-24994.

@stevebeattie: Hi, thanks for letting us know. I believe the description of this CVE is wrong; it states (emphasis mine): “Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.14.0”, but 6835731 only landed after 0.14.0 was released.

@TheOneric thanks, I've submitted correction information to MITRE, we'll see how long it takes them to update it. (In an ideal world, you'd be able to file a github issue directly against https://github.com/CVEProject/cvelist but they don't allow bug reports on the project.)
FYI, CVE-2020-24994 has corrected information. Thanks. |
Description
A vulnerability was found in the function parse_tag in ass_parse.c:234, which allows attackers to cause a denial of service or remote code execution via a crafted file.
test@test:~/libass-0.14.0/afl$ ./a.out crash/poc
======================= INFO =========================
This binary is built for AFL-fuzz.
To run the target function on individual input(s) execute this:
./a.out < INPUT_FILE
or
./a.out INPUT_FILE1 [INPUT_FILE2 ... ]
To fuzz with afl-fuzz execute this:
afl-fuzz [afl-flags] ./a.out [-N]