Showing 1 - 3 of 3

CVE-2018-1000877

Status Candidate

Overview

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.

Related Files

Red Hat Security Advisory 2019-3698-01: Posted Nov 6, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3698-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, python; systems | linux, redhat; advisories | CVE-2017-14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2019-1000019, CVE-2019-1000020; SHA-256 | 87edd4e3f62b62b9bdf2ddc0e56745159a7bd1cf47bd0ac379794c87ba4df72a; Download | Favorite | View

Red Hat Security Advisory 2019-2298-01: Posted Aug 6, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2298-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, python; systems | linux, redhat; advisories | CVE-2017-14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2019-1000019, CVE-2019-1000020; SHA-256 | 8e04b6e7f5a0e0c8739a0ebe8f7cf1741141aae7d84473c159f34f7d276de711; Download | Favorite | View

Debian Security Advisory 4360-1: Posted Dec 28, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4360-1 - Multiple security issues were found in libarchive, a multi-format archive in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2016-10209, CVE-2016-10349, CVE-2016-10350, CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000880; SHA-256 | 4ca78c1aca3d7538b998511ad79830ff0f91bc94448ecc1564153a6b33bfe80f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2018-1000877

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems