CVE-2015-8929

Опубликовано: 17 июн. 2016

Источник: redhat

CVSS3: 3.5

CVSS2: 3.5

EPSS Низкий

Описание

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

A vulnerability was found in libarchive. A specially crafted TAR file could cause the application to leak small amounts of memory, eventually leading to denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libarchive	Not affected
Red Hat Enterprise Linux 7	libarchive	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-401

https://bugzilla.redhat.com/show_bug.cgi?id=1348771libarchive: Memory leak in TAR parser

EPSS

Процентиль: 50%

0.00271

Низкий

3.5 Low

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

CVE-2015-8929

CVSS3: 5.5

ubuntu

около 9 лет назад

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

CVE-2015-8929

CVSS3: 5.5

nvd

около 9 лет назад

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

CVE-2015-8929

CVSS3: 5.5

debian

около 9 лет назад

Memory leak in the __archive_read_get_extract function in archive_read ...

GHSA-24gg-vmf8-whvm

CVSS3: 5.5

github

больше 3 лет назад

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

SUSE-SU-2016:1939-1

suse-cvrf

больше 9 лет назад

Security update for bsdtar

EPSS

Процентиль: 50%

0.00271

Низкий

3.5 Low

CVSS3

3.5 Low

CVSS2