CVE-2019-19221

Опубликовано: 21 нояб. 2019

Источник: redhat

CVSS3: 6.5

Описание

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libarchive	Out of support scope
Red Hat Enterprise Linux 7	libarchive	Will not fix
Red Hat Enterprise Linux 8	libarchive	Fixed	RHSA-2020:4443	04.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1801635libarchive: out-of-bounds read in archive_wstring_append_from_mbs in archive_string.c

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2019-19221

CVSS3: 5.5

ubuntu

около 6 лет назад

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

CVE-2019-19221

CVSS3: 5.5

nvd

около 6 лет назад

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

CVE-2019-19221

CVSS3: 5.5

debian

около 6 лет назад

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string ...

SUSE-SU-2021:3722-1

suse-cvrf

около 4 лет назад

Security update for libarchive

GHSA-m55v-6hqc-x3jh

CVSS3: 5.5

github

больше 3 лет назад

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

6.5 Medium

CVSS3