7 matches found
[SECURITY] Fedora 44 Update: libarchive-3.8.7-1.fc44
Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...
libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...
[SECURITY] Fedora 42 Update: libarchive-3.8.1-1.fc42
Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...
Debian DLA-103-1 : linux-2.6 security update
This security upload has been prepared in cooperation of the Debian Kernel, Security and LTS Teams and features the upstream stable release 2.6.32.64 see https://lkml.org/lkml/2014/11/23/181 for more information for that. It fixes the CVEs described below. Note: if you are using the openvz flavor...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2359-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2359-1 advisory. Jack Morgenstein reported a flaw in the page handling of the KVM Kerenl Virtual Machine subsystem in the Linux kernel. A guest OS user could exploit this...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2354-1)
Chris Evans reported an flaw in the Linux kernel's handling of iso9660 compact disk filesystem images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service system crash or reboot. CVE-2014-5471 Chris Evans reported an flaw ...
CVE-2011-1777
Multiple buffer overflows in the 1 heapaddentry and 2 relocatedir functions in archivereadsupportformatiso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ISO9660 image...