Описание
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read.
Дополнительная информация
Статус:
3.5 Low
CVSS3
3.5 Low
CVSS2
Связанные уязвимости
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
The compress_bidder_init function in archive_read_support_filter_compr ...
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
3.5 Low
CVSS3
3.5 Low
CVSS2