First published: Fri Mar 28 2025(Updated: )
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Libarchive | <3.7.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-48615 has been classified as a medium severity vulnerability due to the potential for Denial of Service caused by a Null Pointer Dereference.
To fix CVE-2024-48615, update to libarchive version 3.7.7 or later, which addresses the vulnerability by correcting the null pointer dereference issue.
CVE-2024-48615 affects libarchive versions up to and including 3.7.6.
Exploiting CVE-2024-48615 may lead to application crashes or Denial of Service when using the bsdtar command.
CVE-2024-48615 was publicly disclosed on an unspecified date prior to its identification in the CVE database.