From 60739d7aae90dd9af9b1765a9f96cb22e5999a93 Mon Sep 17 00:00:00 2001
From: Tristan Cacqueray
Date: Fri, 8 Mar 2024 09:18:56 -0500
Subject: [PATCH] Add HSEC-2024-0002
---
 advisories/hackage/bz2/HSEC-2024-0002.md | 1 +
 .../hackage/bzlib-conduit/HSEC-2024-0002.md | 1 +
 advisories/hackage/bzlib/HSEC-2024-0002.md | 45 +++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 120000 advisories/hackage/bz2/HSEC-2024-0002.md
 create mode 120000 advisories/hackage/bzlib-conduit/HSEC-2024-0002.md
 create mode 100644 advisories/hackage/bzlib/HSEC-2024-0002.md
diff --git a/advisories/hackage/bz2/HSEC-2024-0002.md b/advisories/hackage/bz2/HSEC-2024-0002.md
new file mode 120000
index 00000000..cb2989c5
--- /dev/null
+++ b/advisories/hackage/bz2/HSEC-2024-0002.md
@@ -0,0 +1 @@
+../bzlib/HSEC-2024-0002.md
\ No newline at end of file
diff --git a/advisories/hackage/bzlib-conduit/HSEC-2024-0002.md b/advisories/hackage/bzlib-conduit/HSEC-2024-0002.md
new file mode 120000
index 00000000..cb2989c5
--- /dev/null
+++ b/advisories/hackage/bzlib-conduit/HSEC-2024-0002.md
@@ -0,0 +1 @@
+../bzlib/HSEC-2024-0002.md
\ No newline at end of file
diff --git a/advisories/hackage/bzlib/HSEC-2024-0002.md b/advisories/hackage/bzlib/HSEC-2024-0002.md
new file mode 100644
index 00000000..39c7784f
--- /dev/null
+++ b/advisories/hackage/bzlib/HSEC-2024-0002.md
@@ -0,0 +1,45 @@
+```toml
+[advisory]
+id = "HSEC-2024-0002"
+cwe = [787]
+keywords = ["corruption"]
+
+[[references]]
+type = "DISCUSSION"
+url = "https://gnu.wildebeest.org/blog/mjw/2019/08/02/bzip2-and-the-cve-that-wasnt/"
+
+[[references]]
+type = "FIX"
+url = "https://sourceware.org/git/?p=bzip2.git;a=commit;h=7ed62bfb46e87a9e878712603469440e6882b184"
+
+[[affected]]
+package = "bzlib"
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+
+[[affected.versions]]
+introduced = "0.4"
+
+[[affected]]
+package = "bz2"
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+
+[[affected.versions]]
+introduced = "0.1.0.0"
+
+[[affected]]
+package = "bzlib-conduit"
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+
+[[affected.versions]]
+introduced = "0.1.0.0"
+```
+
+# out-of-bounds write when there are many bzip2 selectors
+
+A malicious bzip2 payload may produce a memory corruption
+resulting in remote code execution.
+Network services or command line utilities decompressing
+untrusted bzip2 payloads are affected.
+
+Note that the exploitation of this bug relies on an undefined
+behavior that appears to be handled safely by current compilers.
+
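Review bot: None of the three `[[affected.versions]]` entries has an upper bound, so anything consuming this advisory will report every release of bzlib, bz2 and bzlib-conduit from the `introduced` version onward as vulnerable, with no way to tell a patched release apart. If a release of any of these packages already carries the change linked under the `FIX` reference, add `fixed = "<FIXED_VERSION>"` (placeholder) to that entry; if none does yet, the prose should say so and state what users can do in the meantime. The `[advisory]` table also records no alias for the upstream bzip2 CVE that the `DISCUSSION` link is about, so scanners cannot correlate this entry with other databases; `aliases = ["<CVE-ID>"]` (placeholder) would close that gap. Lastly, the maximum-impact vector `C:H/I:H/A:H` reads oddly next to the closing sentence that current compilers appear to handle the undefined behaviour safely, so one sentence explaining that the score is the worst case would help triage.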