CVE-2018-18585

CWE-476NULL Pointer Dereference17 documents8 sources
Severity
4.3MEDIUM
EPSS
1.3%
top 20.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Canonical Ubuntu LinuxDebian Debian LinuxKyzer Libmspack+4 more
Timeline
PublishedOct 23
Latest updateOct 1

Description

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages7 packages

Debianlibmspack< 0.8-1+3
Ubuntulibmspack< 0.5-1ubuntu0.16.04.3+1
NVDkyzer/libmspack5 versions+4

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 18.10

Patches

Patch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

5
GHSA
GHSA-wfp6-c53g-9x25: chmd_read_headers in mspack/chmd2022-05-14
OSV
clamav vulnerabilities2018-11-13
OSV
libmspack vulnerabilities2018-11-12
OSV
CVE-2018-18585: chmd_read_headers in mspack/chmd2018-10-23
CVEList
CVE-2018-18585: chmd_read_headers in mspack/chmd2018-10-23

📋Vendor Advisories

6
Ubuntu
libmspack vulnerabilities2025-10-01
Ubuntu
ClamAV vulnerabilities2018-11-13
Ubuntu
ClamAV vulnerabilities2018-11-13
Ubuntu
libmspack vulnerabilities2018-11-12
Red Hat
libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes2018-10-17

💬Community

5
Bugzilla
CVE-2018-18585 libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes2018-10-30
Bugzilla
CVE-2018-18584 CVE-2018-18585 cabextract: various flaws [epel-all]2018-10-30
Bugzilla
CVE-2018-18584 CVE-2018-18585 cabextract: various flaws [fedora-all]2018-10-30
Bugzilla
CVE-2018-18584 CVE-2018-18585 libmspack: various flaws [fedora-all]2018-10-30
Bugzilla
CVE-2018-18584 CVE-2018-18585 libmspack: various flaws [epel-all]2018-10-30
CVE-2018-18585 (MEDIUM CVSS 4.3) | chmd_read_headers in mspack/chmd.c | cvebase.io