Описание
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.7.7-0ubuntu2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| oracular | not-affected | code not present |
| upstream | not-affected | debian: Vulnerable code introduced later |
Показывать по
4 Medium
CVSS3
Связанные уязвимости
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
libarchive through 3.7.7 has a heap-based buffer over-read in header_g ...
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
Уязвимость функции header_gnu_longlink компонента archive_read_support_format_tar.c библиотеки архивирования Libarchive, позволяющая нарушителю вызвать отказ в обслуживании
4 Medium
CVSS3