13 matches found
K000148646: libarchive vulnerability CVE-2018-1000879
Security Advisory Description libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear ...
RHEL 8 : libarchive (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libarchive: heap-based buffer overflow in archivestringappendfromwcs function in archivestring.c...
SUSE: Security Advisory (SUSE-SU-2019:0831-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package libarchive version 3.4.0-alt1
Aug. 22, 2019 Aleksei Nikiforov 3.4.0-alt1 - Updated to upstream version 3.4.0. - Fixes: + CVE-2018-1000877 Double Free vulnerability in RAR decoder + CVE-2018-1000878 Use After Free vulnerability in RAR decoder + CVE-2018-1000879 NULL Pointer Dereference vulnerability in ACL parser +...
[ASA-201906-21] libarchive: multiple issues
Arch Linux Security Advisory ASA-201906-21 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 CVE-2019-1000019 CVE-2019-1000020 Package : libarchive Type : multiple issues Remote : No Link :...
Photon OS 3.0: Libarchive PHSA-2019-3.0-0015
An update of the libarchive package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0015. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid126114;...
Fedora 30 : libarchive (2019-fbe83d0e32)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
Fedora 28 : libarchive (2019-c595a93536)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
Fedora 29 : libarchive (2019-0233ec0ff3)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
Updated libarchive packages fix security vulnerabilities
readheader in archivereadsupportformatrar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archivereadformatrarreadheader CVE-2017-14502. Multiple security issues were found in libarchive: Processing malformed RAR archive...
CVE-2018-1000879
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear to be exploitable via the vict...
CVE-2018-1000879
CVE-2018-1000879 is a NULL Pointer Dereference in libarchive’s ACL parser (archive_acl_from_text_l()) that can cause a crash or DoS when a victim opens a specially crafted archive. The issue was reported for libarchive versions from commit 379867ec... onward (release 3.3.0+), with multiple adviso...
CVE-2018-1000879
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear to be exploitable via the vict...