Описание
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.1-6 |
| esm-infra-legacy/trusty | released | 3.1.2-7ubuntu2.4 |
| esm-infra/xenial | released | 3.1.2-11ubuntu0.16.04.3 |
| precise | released | 3.0.3-6ubuntu1.4 |
| trusty | released | 3.1.2-7ubuntu2.4 |
| trusty/esm | released | 3.1.2-7ubuntu2.4 |
| upstream | released | 3.2.1-5 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 3.1.2-11ubuntu0.16.04.3 |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
4.3 Medium
CVSS2
5.5 Medium
CVSS3