ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
A use-after-free flaw was found in libarchive in the copy_string function.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΠ°ΠΊΠ΅ΡΡ
| ΠΠ»Π°ΡΡΠΎΡΠΌΠ° | ΠΠ°ΠΊΠ΅Ρ | Π‘ΠΎΡΡΠΎΡΠ½ΠΈΠ΅ | Π Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°ΡΠΈΡ | Π Π΅Π»ΠΈΠ· |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 7 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 8 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 9 | libarchive | Not affected |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
10
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
ΠΠΎΠΏΠΎΠ»Π½ΠΈΡΠ΅Π»ΡΠ½Π°Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ
Π‘ΡΠ°ΡΡΡ:
Moderate
ΠΠ΅ΡΠ΅ΠΊΡ:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1984646libarchive: use-after-free in copy_string()
6.5 Medium
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
CVSS3: 6.5
ubuntu
Π±ΠΎΠ»ΡΡΠ΅ 4 Π»Π΅Ρ Π½Π°Π·Π°Π΄
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
CVSS3: 6.5
nvd
Π±ΠΎΠ»ΡΡΠ΅ 4 Π»Π΅Ρ Π½Π°Π·Π°Π΄
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
CVSS3: 6.5
debian
Π±ΠΎΠ»ΡΡΠ΅ 4 Π»Π΅Ρ Π½Π°Π·Π°Π΄
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (ca ...
CVSS3: 6.5
github
ΠΏΠΎΡΡΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
6.5 Medium
CVSS3