chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has 0 as its first or second character (such as the /0 name).
The product dereferences a pointer that it expects to be valid but is NULL.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libmspack | Kyzer | 0.3-alpha (including) | 0.3-alpha (including) |
| Libmspack | Kyzer | 0.4-alpha (including) | 0.4-alpha (including) |
| Libmspack | Kyzer | 0.5-alpha (including) | 0.5-alpha (including) |
| Libmspack | Kyzer | 0.6-alpha (including) | 0.6-alpha (including) |
| Libmspack | Kyzer | 0.7-alpha (including) | 0.7-alpha (including) |
| Red Hat Enterprise Linux 7 | RedHat | libmspack-0:0.5-0.7.alpha.el7 | * |
| Clamav | Ubuntu | esm-infra-legacy/trusty | * |
| Clamav | Ubuntu | trusty | * |
| Clamav | Ubuntu | trusty/esm | * |
| Libmspack | Ubuntu | bionic | * |
| Libmspack | Ubuntu | cosmic | * |
| Libmspack | Ubuntu | esm-infra-legacy/trusty | * |
| Libmspack | Ubuntu | esm-infra/bionic | * |
| Libmspack | Ubuntu | esm-infra/xenial | * |
| Libmspack | Ubuntu | trusty | * |
| Libmspack | Ubuntu | trusty/esm | * |
| Libmspack | Ubuntu | xenial | * |