Lucene search
UbuntuUSN-5291-1HistoryFeb 17, 2022 - 12:00 a.m.
libarchive vulnerabilities
2022-02-1700:00:00
ubuntu.com
83
Releases
- Ubuntu 21.10
- Ubuntu 20.04 LTS
Packages
- libarchive - Library to read/write archive files
Details
It was discovered that libarchive incorrectly handled symlinks. If a
user or automated system were tricked into processing a specially crafted
archive, an attacker could possibly use this issue to change modes, times,
ACLs, and flags on arbitrary files. (CVE-2021-23177, CVE-2021-31566)
It was discovered that libarchive incorrectly handled certain RAR archives.
If a user or automated system were tricked into processing a specially
crafted RAR archive, an attacker could use this issue to cause libarchive
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2021-36976)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 21.10 | noarch | libarchive13 | < 3.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libarchive-dev | < 3.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libarchive-tools | < 3.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libarchive-tools-dbgsym | < 3.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libarchive13-dbgsym | < 3.4.3-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | libarchive13 | < 3.4.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | libarchive-dev | < 3.4.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | libarchive-tools | < 3.4.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | libarchive-tools-dbgsym | < 3.4.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | libarchive13-dbgsym | < 3.4.0-2ubuntu1.1 | UNKNOWN |
Related
osv
osv
libarchive vulnerabilities
2022-02-17 13:54:10
Moderate: libarchive security update
2022-03-15 09:11:33
Moderate: libarchive security update
2022-03-15 09:11:33
nessus
nessus
Ubuntu 20.04 LTS : libarchive vulnerabilities (USN-5291-1)
2022-02-17 00:00:00
EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2022-1451)
2022-04-18 00:00:00
EulerOS Virtualization 2.9.1 : libarchive (EulerOS-SA-2022-1608)
2022-05-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5291-1)
2022-02-18 00:00:00
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-2027)
2022-07-14 00:00:00
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2022-1509)
2022-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: libarchive-3.5.3-1.fc35
2022-02-24 23:09:25
rocky
rocky
libarchive security update
2022-03-15 09:11:33
almalinux
almalinux
Moderate: libarchive security update
2022-03-15 09:11:33
redhat
redhat
(RHSA-2022:0892) Moderate: libarchive security update
2022-03-15 09:11:33
(RHSA-2022:5132) Important: RHACS 3.68 security update
2022-06-20 17:18:52
(RHSA-2022:1039) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:13:24
mageia
mageia
Updated libarchive packages fix security vulnerability
2022-02-12 20:31:35
photon
photon
Important Photon OS Security Update - PHSA-2022-0246
2022-09-16 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0246
2022-09-16 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0447
2022-09-07 00:00:00
oraclelinux
oraclelinux
libarchive security update
2022-03-16 00:00:00
redos
redos
ROS-20220322-02
2022-03-22 00:00:00
debian
debian
[SECURITY] [DLA 2987-1] libarchive security update
2022-04-30 22:30:22
[SECURITY] [DLA 3202-1] libarchive security update
2022-11-22 17:33:12
rosalinux
rosalinux
Advisory ROSA-SA-2023-2205
2023-08-01 13:07:57
gentoo
gentoo
libarchive: Multiple Vulnerabilities
2022-08-14 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-36976 affecting package libarchive for versions less than 3.6.0-1
2022-04-09 06:51:47
CVE-2021-36976 affecting package libarchive 3.4.2-3
2022-08-24 22:05:05
debiancve
debiancve
cvelist
cvelist
suse
suse
Security update for libarchive (moderate)
2022-09-19 00:00:00
Security update for libarchive (moderate)
2022-09-26 00:00:00
Security update for libarchive (moderate)
2022-03-24 00:00:00
veracode
veracode
Arbitrary File Write
2022-04-10 22:49:47
Privilege Escalation
2022-04-30 00:42:04
Use After Free
2022-02-24 21:48:59
alpinelinux
alpinelinux
CVE-2021-31566
2022-08-23 16:15:00
CVE-2021-36976
2021-07-20 07:15:00
prion
prion
Input validation
2022-08-23 16:15:00
Double free
2021-07-20 07:15:00
Input validation
2022-08-23 16:15:00
mscve
mscve
Libarchive Remote Code Execution Vulnerability
2022-01-11 08:00:00
redhatcve
redhatcve
cve
cve
ubuntucve
ubuntucve
amazon
amazon
Medium: libarchive
2023-11-29 22:20:00
krebs
krebs
‘Wormable’ Flaw Leads January 2022 Patch Tuesday
2022-01-11 22:18:55
malwarebytes
malwarebytes
ibm
ibm
hivepro
hivepro
Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws
2022-01-12 07:30:07
thn
thn
threatpost
threatpost
Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days
2022-01-11 21:54:57
apple
apple
About the security content of watchOS 8.5
2022-03-14 00:00:00
About the security content of iOS 15.4 and iPadOS 15.4
2022-03-14 00:00:00
About the security content of macOS Monterey 12.3
2022-03-14 00:00:00
mskb
mskb
January 11, 2022—KB5009566 (OS Build 22000.434)
2022-01-11 08:00:00
January 11, 2022—KB5009545 (OS Build 18363.2037)
2022-01-11 08:00:00
January 11, 2022—KB5009557 (OS Build 17763.2452)
2022-01-11 08:00:00
kaspersky
kaspersky
KLA12422 Multiple vulnerabilities in Microsoft Windows
2022-01-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2022
2022-01-11 21:41:56