Wubonetcnop

#23513 of 53,632
10 Total CVSS
Vulnerabilities · 1
PT-2022-6032
10
2022-07-11
Unknown · Libarchive · CVE-2022-36227
**Name of the Vulnerable Software and Affected Versions**

libarchive versions prior to 3.6.2

**Description**

libarchive does not check for an error after calling the `calloc()` function. If the allocation fails and `calloc()` returns NULL, the unchecked pointer is then used, which leads to a NULL pointer dereference. This may allow a remote attacker to execute arbitrary code or cause a denial of service. In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, writing or reading memory is possible, which may lead to code execution.

**Recommendations**

For libarchive versions prior to 3.6.2, update to version 3.6.2 or later to resolve the issue. As a temporary workaround, consider adding error checking after calling the `calloc()` function to prevent NULL pointer dereferences.