PT-2018-2634 · Libarchive+5 · Libarchive+5

Daniel Axtens

·

Published

2018-07-08

·

Updated

2024-06-15

·

CVE-2018-1000877

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions libarchive versions 3.1.0 and later
Description The issue is related to a double free error in the RAR decoder of the libarchive library, specifically in the parse codes() function within libarchive/archive read support format rar.c. This error occurs when realloc(rar->lzss.window, new size) is called with new size = 0, potentially leading to a crash or denial of service (DoS). The attack can be exploited if a victim opens a specially crafted RAR archive, allowing a remote attacker to cause a service disruption.
Recommendations For libarchive versions 3.1.0 and later, consider disabling the RAR decoder functionality until a patch is available to prevent potential exploitation. Restrict access to specially crafted RAR archives to minimize the risk of a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Uncontrolled Search Path Element

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-427CWE-415

Related Identifiers

ALT-PU-2019-2522
ALT-PU-2019-3125
BDU:2019-01251
BDU:2020-01729
CESA-2019_2298
CESA-2019_3698
CVE-2018-1000877
DLA-1612-1
DSA-4360-1
MGASA-2019-0030
OPENSUSE-SU-2019:1196-1
OPENSUSE-SU-2019:2615-1
OPENSUSE-SU-2019:2632-1
OPENSUSE-SU-2019_1196-1
OPENSUSE-SU-2019_2615-1
OPENSUSE-SU-2019_2632-1
OPENSUSE-SU-2024:10925-1
RHSA-2019:2298
RHSA-2019:3698
RHSA-2019_2298
RHSA-2019_3698
SUSE-SU-2019:0831-1
SUSE-SU-2019:3092-1
SUSE-SU-2019:3093-1
SUSE-SU-2019_0831-1
SUSE-SU-2019_3093-1
USN-3859-1

Affected Products

Alt Linux
Centos
Red Hat
Suse
Ubuntu
Libarchive