PT-2017-16606 · Libarchive+2 · Libarchive+2

Publicado

2017-01-27

Atualizado

2024-06-15

CVE-2017-5601

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libarchive version 3.2.2

Description The issue is related to an error in the lha read file header 1() function, which can be exploited by remote attackers to trigger an out-of-bounds read memory access. This can be achieved by using a specially crafted archive, potentially leading to a crash.

Recommendations For libarchive version 3.2.2, consider applying a patch or fix that addresses the error in the lha read file header 1() function to prevent out-of-bounds read memory access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2017-5601

DLA-1600-1

DLA-810-1

MGASA-2017-0056

OPENSUSE-SU-2022:0944-1

OPENSUSE-SU-2022_0944-1

OPENSUSE-SU-2022_1930-1

OPENSUSE-SU-2024:13549-1

SUSE-SU-2022:0944-1

SUSE-SU-2022:0944-2

SUSE-SU-2022:1930-1

SUSE-SU-2022_0944-1

SUSE-SU-2022_0944-2

SUSE-SU-2022_1930-1

USN-3225-1

Produtos afetados

Suse

Ubuntu

Libarchive

PT-2017-16606 · Libarchive+2 · Libarchive+2

CVE-2017-5601

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 44