What is the severity of CVE-2015-8918?

CVE-2015-8918 has a high severity level due to its potential to cause denial of service attacks.

How do I fix CVE-2015-8918?

To fix CVE-2015-8918, update libarchive to version 3.2.0 or later, or apply patches provided by your system vendor.

Which software is affected by CVE-2015-8918?

CVE-2015-8918 affects libarchive versions up to 3.1.901a and SUSE Linux Enterprise versions 12.0 with SP1.

What types of attacks exploit CVE-2015-8918?

CVE-2015-8918 can be exploited by attackers using crafted cab files to crash the affected software.

Is CVE-2015-8918 specific to certain operating systems?

Yes, CVE-2015-8918 specifically impacts SUSE Linux Enterprise and libarchive applications on affected systems.

Vulnerability/
CVE-2015-8918

high

7.5

CWE

119

20/9/2016

6/8/2024

CVE-2015-8918: Buffer Overflow

First published: Tue Sep 20 2016(Updated: )

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
SUSE Linux Enterprise Software Development Kit	=12.0-sp1
SUSE Linux Enterprise Desktop	=12.0-sp1
SUSE Linux Enterprise Server	=12.0-sp1
libarchive	<=3.1.901a

Remedy

https://github.com/libarchive/libarchive/issues/506

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8918?
CVE-2015-8918 has a high severity level due to its potential to cause denial of service attacks.
How do I fix CVE-2015-8918?
To fix CVE-2015-8918, update libarchive to version 3.2.0 or later, or apply patches provided by your system vendor.
Which software is affected by CVE-2015-8918?
CVE-2015-8918 affects libarchive versions up to 3.1.901a and SUSE Linux Enterprise versions 12.0 with SP1.
What types of attacks exploit CVE-2015-8918?
CVE-2015-8918 can be exploited by attackers using crafted cab files to crash the affected software.
Is CVE-2015-8918 specific to certain operating systems?
Yes, CVE-2015-8918 specifically impacts SUSE Linux Enterprise and libarchive applications on affected systems.

agent/author
agent/type
agent/severity
agent/weakness
agent/remedy
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
vendor/novell
canonical/suse linux enterprise software development kit
version/suse linux enterprise software development kit/12.0-sp1
canonical/suse linux enterprise desktop
version/suse linux enterprise desktop/12.0-sp1
canonical/suse linux enterprise server
version/suse linux enterprise server/12.0-sp1
vendor/libarchive
canonical/libarchive
version/libarchive/3.1.901a

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.