EPSS
Percentile
54.0%
libarchive.so is vulnerable to denial of service attacks. A malicious user is able to cause an out-of-bounds read via the component zipx_lzma_alone_init, causing the application to crash.
zipx_lzma_alone_init
github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
github.com/libarchive/libarchive/issues/1672
github.com/libarchive/libarchive/pull/1682
lists.fedoraproject.org/archives/list/[email protected]/message/SBYGJICQ7FKDZ2IIOAH423IHWQ6MNONQ/
security.gentoo.org/glsa/202208-26