What is the severity of CVE-2017-5601?

CVE-2017-5601 is classified as a high severity vulnerability due to its potential to cause a crash through an out-of-bounds read.

How do I fix CVE-2017-5601?

To fix CVE-2017-5601, upgrade libarchive to version 3.2.3 or later, where the vulnerability is patched.

What systems are affected by CVE-2017-5601?

CVE-2017-5601 specifically affects libarchive version 3.2.2.

How can attackers exploit CVE-2017-5601?

Attackers can exploit CVE-2017-5601 by crafting a malicious archive file that triggers the out-of-bounds read when processed.

What is the impact of CVE-2017-5601?

The impact of CVE-2017-5601 includes potential application crashes and disruption of service due to memory access issues.

Vulnerability/
CVE-2017-5601

high

7.5

CWE

125

27/1/2017

30/11/2018

CVE-2017-5601

First published: Fri Jan 27 2017(Updated: )

An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
libarchive	=3.2.2

Remedy

https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5601?
CVE-2017-5601 is classified as a high severity vulnerability due to its potential to cause a crash through an out-of-bounds read.
How do I fix CVE-2017-5601?
To fix CVE-2017-5601, upgrade libarchive to version 3.2.3 or later, where the vulnerability is patched.
What systems are affected by CVE-2017-5601?
CVE-2017-5601 specifically affects libarchive version 3.2.2.
How can attackers exploit CVE-2017-5601?
Attackers can exploit CVE-2017-5601 by crafting a malicious archive file that triggers the out-of-bounds read when processed.
What is the impact of CVE-2017-5601?
The impact of CVE-2017-5601 includes potential application crashes and disruption of service due to memory access issues.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/severity
agent/weakness
agent/remedy
agent/author
agent/references
agent/description
agent/tags
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/libarchive
canonical/libarchive
version/libarchive/3.2.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2017-5601?
CVE-2017-5601 is classified as a high severity vulnerability due to its potential to cause a crash through an out-of-bounds read.
How do I fix CVE-2017-5601?
To fix CVE-2017-5601, upgrade libarchive to version 3.2.3 or later, where the vulnerability is patched.
What systems are affected by CVE-2017-5601?
CVE-2017-5601 specifically affects libarchive version 3.2.2.
How can attackers exploit CVE-2017-5601?
Attackers can exploit CVE-2017-5601 by crafting a malicious archive file that triggers the out-of-bounds read when processed.
What is the impact of CVE-2017-5601?
The impact of CVE-2017-5601 includes potential application crashes and disruption of service due to memory access issues.