CVE-2015-0860

Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
debianCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
canonicalubuntu_linux
15.10
debiandpkg
1.16.0
debiandpkg
1.16.0.1
debiandpkg
1.16.0.2
debiandpkg
1.16.0.3
debiandpkg
1.16.1
debiandpkg
1.16.1.1
debiandpkg
1.16.1.2
debiandpkg
1.16.2
debiandpkg
1.16.3
debiandpkg
1.16.4
debiandpkg
1.16.4.1
debiandpkg
1.16.4.2
debiandpkg
1.16.4.3
debiandpkg
1.16.5
debiandpkg
1.16.6
debiandpkg
1.16.7
debiandpkg
1.16.8
debiandpkg
1.16.9
debiandpkg
1.16.10
debiandpkg
1.16.11
debiandpkg
1.16.12
debiandpkg
1.16.15
debiandpkg
1.17.0
debiandpkg
1.17.1
debiandpkg
1.17.2
debiandpkg
1.17.3
debiandpkg
1.17.4
debiandpkg
1.17.5
debiandpkg
1.17.6
debiandpkg
1.17.7
debiandpkg
1.17.8
debiandpkg
1.17.9
debiandpkg
1.17.10
debiandpkg
1.17.11
debiandpkg
1.17.12
debiandpkg
1.17.13
debiandpkg
1.17.14
debiandpkg
1.17.15
debiandpkg
1.17.16
debiandpkg
1.17.17
debiandpkg
1.17.18
debiandpkg
1.17.19
debiandpkg
1.17.20
debiandpkg
1.17.21
debiandpkg
1.17.22
debiandpkg
1.17.23
debiandpkg
1.17.24
debiandpkg
1.17.25
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dpkg
bullseye
1.20.13
fixed
squeeze
not-affected
bullseye (security)
1.20.10
fixed
bookworm
1.21.22
fixed
sid
1.22.11
fixed
trixie
1.22.11
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dpkg
wily
Fixed 1.18.2ubuntu5.1
released
vivid
Fixed 1.17.25ubuntu1.1
released
trusty
Fixed 1.17.5ubuntu5.5
released
precise
Fixed 1.16.1.2ubuntu7.7
released
Common Weakness Enumeration
References
http://www.debian.org/security/2015/dsa-3407
http://www.ubuntu.com/usn/USN-2820-1
https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/dpkg-deb/extract.c?id=e65aa3db04eb908c9507d5d356a95cedb890814d
https://blog.fuzzing-project.org/30-Stack-overflows-and-out-of-bounds-read-in-dpkg-Debian.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798324
https://security.gentoo.org/glsa/201612-07
http://www.debian.org/security/2015/dsa-3407
http://www.ubuntu.com/usn/USN-2820-1
https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/dpkg-deb/extract.c?id=e65aa3db04eb908c9507d5d356a95cedb890814d
https://blog.fuzzing-project.org/30-Stack-overflows-and-out-of-bounds-read-in-dpkg-Debian.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798324
https://security.gentoo.org/glsa/201612-07