Bug#995785: Various vulnerabilities in mapserver
Max Kellermann
max at blarg.de
Tue Oct 5 16:57:41 BST 2021
Package: mapserver-bin
Version: 7.6.2-1
Using libFuzzer, I found various security vulnerabilities in
MapServer. Using crashed "shapefiles", one can exploit MapServer.
One of the vulnerabilities may qualify as remote code execution,
because one can use it to overwrite arbitrary data past the end of
allocated buffers.
Here is my MapServer pull request containing fixes for the bugs found
so far:
https://github.com/MapServer/MapServer/pull/6418
All MapServer releases are vulnerable, including older and newer
releases (Buster, Bookworm), and including the upcoming version 8 (git
main).
More information about the Pkg-grass-devel
mailing list