Описание
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
Отчет
Starting in Red Hat Enterprise Linux (RHEL) 8.4.0 already fixed version of the libarchive packages is shipped, therefore RHEL 8.4.0 and later versions are not affected by this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libarchive | Will not fix | ||
| Red Hat Enterprise Linux 7 | libarchive | Will not fix | ||
| Red Hat Enterprise Linux 8 | libarchive | Fixed | RHEA-2021:1580 | 18.05.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
An out-of-bounds read flaw exists in parse_file_info in archive_read_s ...
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
Уязвимость функции archive_read_format_iso9660_read_header библиотеки libarchive, позволяющая нарушителю получить несанкционированный доступ к информации
EPSS
3.3 Low
CVSS3