N/A

Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file constructed by the program's user; however, there are some realistic situations in which a list file would be obtained from an untrusted remote source.

N/A

N/A

Squashfs ‘get_component’函数缓冲区溢出漏洞

Squashfs 4.2版本和早期版本中的unsquashfs中的unsquashfs.c内的get_component函数中存在基于栈的缓冲区溢出漏洞。远程攻击者可利用该漏洞通过特制的列表文件（又名-ef选项的特制文件）执行任意代码。

N/A

N/A