CVE-2017-8843

Name of the Vulnerable Software and Affected Versions lrzip version 0.631

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a crafted archive. This is due to a problem in the join pthread function in stream.c in liblrzip.so.

Recommendations For version 0.631, consider updating to a newer version that addresses this issue, as the current version is affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.