Описание
Security update for libarchive
This update for libarchive fixes the following issues:
Security issues fixed:
- CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder (bsc#1120653).
- CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder (bsc#1120654).
- CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompression (bsc#1124341).
- CVE-2019-1000020: Fixed an Infinite Loop vulnerability in ISO9660 parser (bsc#1124342).
- CVE-2019-18408: Fixed a use-after-free in RAR format support (bsc#1155079).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2632-1
- SUSE Security Ratings
- SUSE Bug 1120653
- SUSE Bug 1120654
- SUSE Bug 1124341
- SUSE Bug 1124342
- SUSE Bug 1155079
- SUSE CVE CVE-2018-1000877 page
- SUSE CVE CVE-2018-1000878 page
- SUSE CVE CVE-2019-1000019 page
- SUSE CVE CVE-2019-1000020 page
- SUSE CVE CVE-2019-18408 page
Описание
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
Затронутые продукты
Ссылки
- CVE-2018-1000877
- SUSE Bug 1120653
Описание
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
Затронутые продукты
Ссылки
- CVE-2018-1000878
- SUSE Bug 1120654
Описание
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
Затронутые продукты
Ссылки
- CVE-2019-1000019
- SUSE Bug 1124341
Описание
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.
Затронутые продукты
Ссылки
- CVE-2019-1000020
- SUSE Bug 1124342
Описание
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
Затронутые продукты
Ссылки
- CVE-2019-18408
- SUSE Bug 1155079