UnZip Vulnerability (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2014-9636)
Issue
- CVE-2014-8139 : unzip: CRC32 verification heap-based buffer overread
- CVE-2014-8140 : unzip: out-of-bounds write issue in test_compr_eb() (oCERT-2014-011)
- CVE-2014-8141 : unzip: getZip64Data() out-of-bounds read issues (oCERT-2014-011)
- CVE-2014-9636
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.