Описание
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | deferred | 2026-04-10 |
| esm-infra-legacy/trusty | deferred | 2026-04-10 |
| esm-infra/bionic | deferred | 2026-04-10 |
| esm-infra/focal | deferred | 2026-04-10 |
| esm-infra/xenial | deferred | 2026-04-10 |
| jammy | deferred | 2026-04-10 |
| noble | deferred | 2026-04-10 |
| questing | deferred | 2026-04-10 |
| upstream | needs-triage |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
A flaw was found in libarchive. On 32-bit systems, an integer overflow ...
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
EPSS
9.8 Critical
CVSS3