Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Vulnerability - Action Required: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability may in your project #1489

Closed
2 of 3 tasks
Crispy-fried-chicken opened this issue Jan 4, 2025 · 3 comments · Fixed by #1490
Closed
2 of 3 tasks

Security Vulnerability - Action Required: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability may in your project #1489

Crispy-fried-chicken opened this issue Jan 4, 2025 · 3 comments · Fixed by #1490
Labels
Bug Something isn't working Severity: 2

Comments

@Crispy-fried-chicken
Copy link
Contributor

Please check before submitting an issue

  • I know what my device, OS and App Manager versions are
  • I know how to take logs
  • I know how to reproduce the issue which may not be specific to my device

Describe the bug

Hi,
we have detected that your project may be vulnerable to Out-of-bounds Write in the function of readGlobalPaxHeaders in the file of app/src/main/java/org/apache/commons/compress/archivers/tar/TarArchiveInputStream.java . It shares similarities to a recent CVE disclosure CVE-2021-35515 in the commons-compress.

The source vulnerability information is as follows:

Vulnerability Detail:
CVE Identifier: CVE-2021-35515
Description: When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-35515
Patch: apache/commons-compress@d0af873

Would you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience!

To Reproduce

No response

Expected behavior

No response

Screenshots

No response

Logs

No response

Device info

  • Device:
  • OS Version:
  • App Manager Version:
  • Mode: Root/ADB/NonRoot

Additional context

No response
@Crispy-fried-chicken Crispy-fried-chicken added the Bug Something isn't working label Jan 4, 2025
@MuntashirAkon
Copy link
Owner

Would you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience!

I can confirm that the issue is present in App Manager. Please read the contributing doc before opening a PR.

@MuntashirAkon
Copy link
Owner

I'm not classifying it as a security vulnerability because it only affects a single feature (e.g., backup/restore) and does not cause the whole application to become not functional.

Crispy-fried-chicken added a commit to Crispy-fried-chicken/AppManager that referenced this issue Jan 4, 2025
@Crispy-fried-chicken
fix MuntashirAkon#1489
916c525
@Crispy-fried-chicken
Copy link
Contributor Author

I can confirm that the issue is present in App Manager. Please read the contributing doc before opening a PR.

Ok, I've already open a PR which is #1490, please review it, thank you!

@MuntashirAkon MuntashirAkon linked a pull request Jan 4, 2025 that will close this issue
fix https://github.com/MuntashirAkon/AppManager/issues/1489 #1490
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Something isn't working Severity: 2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix https://github.com/MuntashirAkon/AppManager/issues/1489 Crispy-fried-chicken/AppManager
2 participants
@MuntashirAkon @Crispy-fried-chicken