An error in the free (de)compression library libbzip2 can be exploited using specially crafted files to provoke an integer overflow. As a result, a crash can occur within applications, such as bzip2, that make use of the library. In some circumstances the error can be exploited to inject and execute code.

User interaction is not necessarily required to trigger this problem. The free virus scanner ClamAV, for example, uses bzip2 from the libbz2 package to scan compressed files. On a gateway, the scanner automatically checks all the files passing through and is therefore vulnerable without any action on the user's part. The ClamAV developers have released version 0.96.3 to fix the error.

The bzip2 developers have also released a fixed version, 1.0.6, which is available to download as source code. Linux distributors have likewise begun to provide updated packages. In the Linux world, bzip2 has long been the tool of choice for fast, high-ratio compression.
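As a defender's check, the following is an added Python example (not from the article, and not code from the bzip2 or ClamAV projects) that compares the version a host reports against the fixed releases the article names, 1.0.6 for bzip2 and 0.96.3 for ClamAV. The banner strings in `SAMPLE_BANNERS` are constructed samples; the `--version` command forms and the output streams they write to are assumptions to confirm on your own system, and a distribution package may carry the fix under an older upstream version string, so treat a "vulnerable" result as a prompt to read the distributor's advisory rather than as a verdict.

```python
import re
import subprocess

# Fixed upstream releases as named in the article.
FIXED_VERSIONS = {
    "bzip2": (1, 0, 6),
    "clamav": (0, 96, 3),
}

# First dotted x.y.z triple in a version banner.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first x.y.z version in text as an int tuple, or None if absent."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    return tuple(int(part) for part in m.groups())


def is_fixed(component, banner):
    """True if the version in banner is at or above the fixed upstream release.

    Raises ValueError when no version can be found, so an unparseable banner
    is never silently reported as safe.
    """
    version = parse_version(banner)
    if version is None:
        raise ValueError("no x.y.z version found in banner: %r" % banner)
    return version >= FIXED_VERSIONS[component]


def assess(banners):
    """Map each component to 'fixed' or 'vulnerable' from its version banner."""
    return {
        name: ("fixed" if is_fixed(name, banner) else "vulnerable")
        for name, banner in banners.items()
    }


def query_installed(component):
    """Ask the installed tool for its version banner (assumption: bzip2 prints
    its banner to stderr and may then read stdin, so stdin is closed here;
    clamscan prints to stdout). Output is decoded leniently because bzip2 may
    emit compressed bytes after the banner."""
    command = {
        "bzip2": ["bzip2", "--version"],
        "clamav": ["clamscan", "--version"],
    }[component]
    proc = subprocess.run(
        command, stdin=subprocess.DEVNULL, capture_output=True, timeout=10
    )
    return (proc.stdout + proc.stderr).decode("utf-8", errors="replace")


# Constructed sample banners, modelled on the tools' own output formats
# (assumed; verify against a real host before relying on the parser).
SAMPLE_BANNERS = {
    "bzip2": "bzip2, a block-sorting file compressor.  Version 1.0.5, 10-Dec-2007.",
    "clamav": "ClamAV 0.96.3/12345/Fri Sep 24 10:00:00 2010",
}


if __name__ == "__main__":
    # Offline run over the constructed samples; swap in query_installed(name)
    # for each component to check the local host.
    for name, state in assess(SAMPLE_BANNERS).items():
        print("%-6s %s" % (name, state))
```

Running the block as a script prints one line per component; in the constructed samples bzip2 1.0.5 is reported vulnerable and ClamAV 0.96.3 is reported fixed.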

(djwm)