First published: Wed Feb 06 2019
libarchive from commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, in archive_read_support_format_7zip.c, header_bytes(), that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. References: https://github.com/libarchive/libarchive/pull/1120/commits/65a23f5dbee4497064e9bb467f81138a62b0dae1 and https://github.com/libarchive/libarchive/pull/1120
Affected Software | Affected Version | How to fix
---|---|---
Oracle Libarchive | >=3.0.2 (commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards) | 
REDHAT-BUG-1672892 is classified as a denial of service vulnerability due to an out-of-bounds read in the 7zip decompression functionality.
To fix REDHAT-BUG-1672892, update libarchive to version 3.0.3 or later, which addresses the vulnerability.
The affected versions for REDHAT-BUG-1672892 are libarchive 3.0.2 and later, that is, every build from commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards.
While REDHAT-BUG-1672892 does not lead to direct system compromise, it can result in a denial of service by crashing the application that uses libarchive.
CWE-125 denotes an out-of-bounds read: the affected code reads data from outside the intended memory boundaries, which can cause the process to crash.