CVE-2017-8846

Name of the Vulnerable Software and Affected Versions lrzip version 0.631

Description The issue allows remote attackers to cause a denial of service, resulting in a use-after-free and application crash, via a crafted archive. This is due to a problem in the read stream function in stream.c in liblrzip.so.

Recommendations For lrzip version 0.631, consider updating to a newer version that addresses this issue, as the current version is affected by a denial of service vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.