Specially crafted 7z files declare a specific number of substreams. However, when scanned by Panda Dome, more substreams than the declared ones are detected. This leads to a dynamic buffer overload that later causes a PSKSYS heap-based overflow when trying to free the heap that was previously corrupted.
This problem has been fixed in Panda Dome version 20.01.00.
Panda Security would like to thank researcher Modh Hanafie (Nafiez) for his dedication and effort in improving the safety of our products and for his inexhaustible patience in this case.
Vulnerability of Heap-based Buffer Overflow in Consumer products