First published: Tue Sep 20 2016(Updated: )
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Canonical Ubuntu Linux | =16.04 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Enterprise Server | =12-sp1 | |
SUSE Linux Enterprise Software Development Kit | =12-sp1 | |
Libarchive Libarchive | <=3.1.901a | |
debian/libarchive | 3.4.3-2+deb11u1 3.6.2-1+deb12u1 3.7.4-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.