Lucene search
Cloud FoundryCFOUNDRY:61AB171811D246E9A2549531C4BC3E22HistoryJun 13, 2016 - 12:00 a.m.
USN-2981-1 libarchive vulnerabilities | Cloud Foundry
2016-06-1300:00:00
Cloud Foundry
www.cloudfoundry.org
24
EPSS
0.134
Percentile
95.6%
USN-2981-1 libarchive vulnerabilities
Medium
Vendor
Libarchive, Canonical Ubuntu
Versions Affected
Ubuntu 14.04 LTS
Description
It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1541)
Affected Products and Versions
_Severity is medium unless otherwise noted.
_
- All versions of Cloud Foundry cflinuxfs2 prior to v.1.58.0
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.58.0 or later versions
References
Related
nessus
nessus
Debian DSA-3574-1 : libarchive - security update
2016-05-12 00:00:00
Fedora 24 : libarchive (2016-760bd8b6a5)
2016-07-14 00:00:00
Slackware 14.1 / current : libarchive (SSA:2016-145-01)
2016-05-25 00:00:00
debiancve
debiancve
CVE-2016-1541
2016-05-07 10:59:04
osv
osv
CVE-2016-1541
2016-05-07 10:59:00
libarchive - security update
2016-05-10 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2016-145-01)
2022-04-21 00:00:00
Debian Security Advisory DSA 3574-1 (libarchive - security update)
2016-05-10 00:00:00
Fedora Update for libarchive FEDORA-2016-760bd8b6a5
2016-06-08 00:00:00
cve
cve
CVE-2016-1541
2016-05-07 10:59:04
prion
prion
Heap overflow
2016-05-07 10:59:00
freebsd
freebsd
libarchive -- RCE vulnerability
2016-05-01 00:00:00
nvd
nvd
CVE-2016-1541
2016-05-07 10:59:04
fedora
fedora
[SECURITY] Fedora 23 Update: libarchive-3.1.2-15.fc23
2016-05-16 22:29:12
[SECURITY] Fedora 24 Update: libarchive-3.1.2-17.fc24
2016-05-14 23:33:59
[SECURITY] Fedora 22 Update: libarchive-3.1.2-14.fc22
2016-05-31 09:24:54
mageia
mageia
Updated libarchive packages fix CVE-2016-1541
2016-05-18 23:14:22
talos
talos
Libarchive zip zip_read_mac_metadata Code Execution Vulnerability
2016-05-01 00:00:00
seebug
seebug
cvelist
cvelist
CVE-2016-1541
2016-05-07 10:00:00
ubuntu
ubuntu
libarchive vulnerabilities
2016-05-17 00:00:00
cert
cert
slackware
slackware
[slackware-security] libarchive
2016-05-25 05:53:14
debian
debian
[SECURITY] [DSA 3574-1] libarchive security update
2016-05-10 17:57:06
[SECURITY] [DSA 3574-1] libarchive security update
2016-05-10 17:57:06
alpinelinux
alpinelinux
CVE-2016-1541
2016-05-07 10:59:04
archlinux
archlinux
libarchive: arbitrary code execution
2016-07-05 00:00:00
ubuntucve
ubuntucve
CVE-2016-1541
2016-05-07 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in libarchive affect PowerKVM
2018-06-18 01:33:29
centos
centos
bsdcpio, bsdtar, libarchive security update
2016-09-16 00:18:58
amazon
amazon
Important: libarchive
2016-09-27 10:30:00
oraclelinux
oraclelinux
libarchive security update
2016-09-12 00:00:00
redhat
redhat
(RHSA-2016:1844) Important: libarchive security update
2016-09-12 15:10:21
gentoo
gentoo
libarchive: Multiple vulnerabilities
2017-01-01 00:00:00