Описание
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
A flaw was found in Libarchive's bsdtar component. This vulnerability allows an attacker to trigger a NULL pointer dereference, leading to a crash and potential denial of service (DoS) via a crafted TAR archive.
Отчет
This vulnerability is rated as an Important severity because it allows an attacker to trigger a NULL pointer dereference in Libarchive's bsdtar component. By providing a specially crafted TAR archive, an attacker can cause a crash, resulting in a denial of service (DoS), making it a significant concern for affected systems.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 6 | libarchive | Affected | ||
| Red Hat Enterprise Linux 7 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 8 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 9 | libarchive | Not affected | ||
| Red Hat OpenShift Container Platform 4 | rhcos | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier ...
EPSS
7.5 High
CVSS3