NanaZip ROMFS Archive Parser Stack Overflow Vulnerability
Vulnerability
A stack overflow vulnerability has been identified in NanaZip versions from 5.0.1252.0 up to, but not including, 6.0.1630.0. The issue lies in the ROMFS archive parser: circular 'NextOffset' chains create an infinite loop, and deeply nested directories lead to unbounded recursion. Opening a crafted .romfs file with NanaZip triggers the flaw and crashes the application with a stack overflow error.
Impact
Exploiting this vulnerability crashes NanaZip with a stack overflow, and the application terminates unexpectedly. This is a denial-of-service condition: the application is rendered unavailable to users.
Reproduction
To reproduce this vulnerability, create a .romfs file containing deeply nested directories, such as a chain of over 10,000 nested folders. Open this crafted file with NanaZip, which will then crash due to a stack overflow.
Remediation
Users can upgrade to NanaZip version 6.0.1630.0 or later, where this vulnerability has been patched.
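A bounded directory walk that guards against both failure modes described above, as an added example (it is not NanaZip's code or its actual fix). It assumes a simplified entry header modelled on the Linux romfs layout; `walk_entries`, `kMaxDepth` and the sample image are hypothetical names and values.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Assumed, simplified entry header modelled on the Linux romfs layout:
//   +0 BE u32 "next": next sibling offset (16-byte aligned), low 4 bits = type
//   +4 BE u32 "spec": first child offset when type is 1 (directory); 0 ends a chain
enum class Walk { Ok, Malformed, Revisit, TooDeep };
struct Item { uint32_t off; size_t depth; };
constexpr uint32_t kTypeMask = 0xF, kTypeDir = 1;
constexpr size_t kMaxDepth = 256;  // hypothetical policy limit
static bool read_be32(const std::vector<uint8_t>& img, size_t off, uint32_t& out) {
    if (off > img.size() || img.size() - off < 4) return false;
    out = (uint32_t(img[off]) << 24) | (uint32_t(img[off + 1]) << 16) |
          (uint32_t(img[off + 2]) << 8) | uint32_t(img[off + 3]);
    return true;
}
// Heap work list instead of recursion; bitmap stops a header being walked twice.
Walk walk_entries(const std::vector<uint8_t>& img, uint32_t first, size_t& count) {
    std::vector<bool> seen(img.size() / 16 + 1, false);
    std::vector<Item> todo(1, Item{first, 1});
    count = 0;
    while (!todo.empty()) {
        Item cur = todo.back();
        todo.pop_back();
        while (cur.off != 0) {  // follow the sibling chain
            uint32_t next = 0, spec = 0;
            if ((cur.off & kTypeMask) || !read_be32(img, cur.off, next) ||
                !read_be32(img, size_t(cur.off) + 4, spec)) return Walk::Malformed;
            if (seen[cur.off / 16]) return Walk::Revisit;  // loop or shared chain
            seen[cur.off / 16] = true;
            ++count;
            if ((next & kTypeMask) == kTypeDir && spec != 0) {
                if (cur.depth >= kMaxDepth) return Walk::TooDeep;
                todo.push_back({spec, cur.depth + 1});
            }
            cur.off = next & ~kTypeMask;
        }
    }
    return Walk::Ok;
}

// Constructed sample (not a valid .romfs file): entry 0x10 -> 0x20 -> 0x10.
std::vector<uint8_t> sample_circular_chain() {
    std::vector<uint8_t> img(0x30, 0);
    img[0x13] = 0x22;  // entry at 0x10: next = 0x20, type 2 (file)
    img[0x23] = 0x12;  // entry at 0x20: next = 0x10, type 2 (file)
    return img;
}
```

Because every header is visited at most once, the work list and the loop are both bounded by the image size, so neither a circular chain nor deep nesting can exhaust the call stack.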
