Lucene search

19 matches found

AlmaLinux
added 2026/04/16 12:0 a.m. | 7 views

Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

CVSS 9.8 | AI score 6.2 | EPSS 0.01073
Exploits: 0 | References: 6
OSV
added 2026/04/16 12:0 a.m. | 5 views

ALSA-2026:8510 Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

CVSS 9.8 | AI score 6.2 | EPSS 0.01073
Exploits: 0 | References: 6
Tenable Nessus
added 2026/01/20 12:0 a.m. | 8 views

MiracleLinux 7 : libcdio-0.92-3.0.1.el7.AXS7 (AXSA:2024-8818:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8818:01 advisory. CVE-2024-36600: Allocate more space for buffer, prevent overflow, CVEs: CVE-2024-36600 Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to...

CVSS 8.4 | AI score 6.2 | EPSS 0.00363
Exploits: 1 | References: 2
Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002216 advisory. The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount proce...

CVSS 4 | AI score 6.9 | EPSS 0.00505
Exploits: 1 | References: 28
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-5272

Malware in sbrugna...

CVSS 5.5 | AI score 6.5 | EPSS 0.00744
Exploits: 1 | References: 6
Mageia
added 2024/07/03 4:36 p.m. | 40 views

Updated libcdio packages fix security vulnerability

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. CVE-2024-36600...

CVSS 8.4 | AI score 8 | EPSS 0.00363
Exploits: 1 | References: 2
CNVD
added 2024/06/21 12:0 a.m. | 2 views

GNU libcdio Buffer Overflow Vulnerability

GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...

CVSS 8.4 | AI score 8.2 | EPSS 0.00363
Exploits: 1 | References: 1
OSV
added 2024/06/14 7:15 p.m. | 5 views

AZL-44385 CVE-2024-36600 affecting package libcdio 2.1.0-14

Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...

CVSS 8.4 | AI score 7.5 | EPSS 0.00363
Exploits: 1 | References: 1
OSV
added 2024/06/14 7:15 p.m. | 12 views

CVE-2024-36600

Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...

CVSS 8.4 | AI score 8 | EPSS 0.00363
Exploits: 1 | References: 4
OSV
added 2024/06/14 7:15 p.m. | 6 views

AZL-43630 CVE-2024-36600 affecting package libcdio 2.0.0-8

Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...

CVSS 8.4 | AI score 7.5 | EPSS 0.00363
Exploits: 1 | References: 1
Vulnrichment
added 2024/06/14 12:0 a.m. | 19 views

CVE-2024-36600

Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...

AI score 8 | EPSS 0.00363
Exploits: 1 | References: 4
SUSE CVE
added 2023/02/15 5:25 a.m. | 0 views

SUSE CVE-2014-9420

The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image...

CVSS 4.9 | AI score 6.2 | EPSS 0.00455
Exploits: 0 | References: 11
SUSE CVE
added 2023/02/15 4:40 a.m. | 1 views

SUSE CVE-2017-13755

In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls...

CVSS 5.5 | AI score 6.5 | EPSS 0.00744
Exploits: 1 | References: 3
Tenable Nessus
added 2022/06/21 12:0 a.m. | 43 views

Debian DLA-3054-1 : sleuthkit - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3054 advisory. - In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir in tsk/fs/iso9660_dent.c in libtskfs.a, as...

CVSS 9.8 | AI score 6.7 | EPSS 0.02419
Exploits: 2 | References: 15
NVD
added 2022/06/08 4:15 p.m. | 19 views

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

CVSS 4.6 | EPSS 0.00316
Exploits: 1 | References: 6
Prion
added 2022/06/08 4:15 p.m. | 26 views

Input validation

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

CVSS 2.1 | AI score 4.6 | EPSS 0.00316
Exploits: 1 | References: 6 | Affected Software: 2
CVE
added 2022/06/08 3:39 p.m. | 64 views

CVE-2022-28385

Affected products: Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive (Part Number #53650). Root cause: missing integrity checks allow manipulation of the ISO-9660 image stored in hidden USB drive sectors that backs the emulated CD-ROM c...

CVSS 4.6 | AI score 4.5 | EPSS 0.00316
Exploits: 1 | References: 6 | Affected Software: 1
BDU FSTEC
added 2020/04/27 12:0 a.m. | 4 views

The vulnerability of the libarchive library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the libarchive library is related to reading beyond the buffer boundaries of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures through the use of a specially created ISO9660 file...

CVSS 7.1 | AI score 6.5 | EPSS 0.03196
Exploits: 0 | References: 16 | Affected Software: 8
OSV
added 2017/08/29 10:29 p.m. | 4 views

DEBIAN-CVE-2017-13755

In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls...

CVSS 5.5 | AI score 6.8 | EPSS 0.00744
Exploits: 1 | References: 1