Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Mageia 9: MGASA-2025-0202 critical: catdoc memory overflow and corruptions

mageia
Calendar Grey July 5, 2025
Dist Mageia Esm H88
Critical updates for catdoc on Mageia fix issues related to buffer overflow and memory leak vulnerabilities.
A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95

Summary

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in the xls2csv utility version 0.95. (CVE-2024-48877) An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. (CVE-2024-52035) An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. (CVE-2024-54028)

References

- https://bugs.mageia.org/show_bug.cgi?id=34411

-

- https://www.cve.org/CVERecord?id=CVE-2024-48877

- https://www.cve.org/CVERecord?id=CVE-2024-52035

- https://www.cve.org/CVERecord?id=CVE-2024-54028

Resolution

SRPMS

- 9/core/catdoc-0.95-5.1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 05 Jul 2025
URL: https://advisories.mageia.org/MGASA-2025-0202.html
Type: security
CVE: CVE-2024-48877, CVE-2024-52035, CVE-2024-54028

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here