-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libfwsi_extension_block minimum size should be 8 not 6 #13
Comments
Which version of libfwsi are you using? |
Hi, thank you for looking into this. I am unable to find the
As far I can see my |
there is libfwsi/libfwsi_definitions.h but based on your description this I assume you're using the latest tagged version. |
This is an OOB read of 1 in libfwsi_extension_block. Mainly triggered because ASAN being strict about this. I'll address the issue. |
The underlying issue is logical of nature. |
Addressed in 54afa5c |
This appears to have been assigned CVE-2019-17263. |
Ack @nluedtke same BS as before. Mitre CVE and NIST NVD continue to waste of peoples valuable time by useless and incorrect assessments.
This appears to be an overly obscure way of describing the issue. Have they even read it? What is this going to help advise?
This assessment by NVD is BS libfwsi provides no "service" there is no proof of a "disruption" either. This appears to be an OOB read without any impact. |
Version: lnkinfo 20190922
To reproduce: ./lnkinfo $POC
The text was updated successfully, but these errors were encountered: