JLSEC-2025-234 libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block ...

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

SUSE SLES15 Security Update : libarchive (SUSE-SU-2022:0944-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0944-2 advisory. - An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger ...

Amazon Linux 2022 : bsdcat, bsdcpio, bsdtar (ALAS2022-2022-059)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-059 advisory. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provid...

EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2022-1031)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock. CVE-2021-36976 Note that...

CVE-2021-36976

A use-after-free flaw was found in libarchive in the copystring function...

AZL-6614 CVE-2021-36976 affecting package libarchive for versions less than 3.6.0-1

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

ALPINE-CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

Double free

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2021-36976

CVE-2021-36976 affects libarchive 3.4.1 through 3.5.1 with a use-after-free in copy_string (invoked by do_uncompress_block and process_block). Connected advisories show affected packages across multiple distributions (e.g., Debian libarchive updates to 3.4.3-2+deb11u2; Fedora/libarchive 3.5.3-1; ...

OSV-2021-557 Heap-use-after-free in copy_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375 Crash type: Heap-use-after-free READ 1 Crash state: copystring douncompressblock processblock...

OSV-2020-628 UNKNOWN READ in copy_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15482 Crash type: UNKNOWN READ Crash state: copystring douncompressblock processblock...

OSV-2020-273 Heap-use-after-free in copy_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19509 Crash type: Heap-use-after-free READ 1 Crash state: copystring douncompressblock processblock...

OSV-2020-238 Heap-use-after-free in copy_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19990 Crash type: Heap-use-after-free READ 1 Crash state: copystring douncompressblock processblock...