The archive_read_format_cpio_read_header function in
archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote
attackers to cause a denial of service (application crash) via a CPIO
archive with a large symlink.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | libarchive | < 3.0.3-6ubuntu1.3 | UNKNOWN |
ubuntu | 14.04 | noarch | libarchive | < 3.1.2-7ubuntu2.3 | UNKNOWN |
ubuntu | 15.10 | noarch | libarchive | < 3.1.2-11ubuntu0.15.10.2 | UNKNOWN |
ubuntu | 16.04 | noarch | libarchive | < 3.1.2-11ubuntu0.16.04.2 | UNKNOWN |