Download
| Alert*
oval:org.secpod.oval:def:39199
libarchive: Library to read/write archive files libarchive could be made to crash, overwrite files, or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800703 The vulnerability is caused due to an error in the"lha_read_file_header_1" function, which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. Affected versions: libarchive version 3.2.2.Other versions may also be affected.. oval:org.secpod.oval:def:112294 Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. oval:org.secpod.oval:def:703509 libarchive: Library to read/write archive files libarchive could be made to crash, overwrite files, or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51741 libarchive: Library to read/write archive files libarchive could be made to crash, overwrite files, or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800442 The vulnerability is caused due to an error in the"lha_read_file_header_1" function, which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. Affected versions: libarchive version 3.2.2.Other versions may also be affected. Reference: Patch: oval:org.secpod.oval:def:1800348 The vulnerability is caused due to an error in the"lha_read_file_header_1" function, which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. Affected versions libarchive version 3.2.2.Other versions may also be affected. Reference Patch oval:org.secpod.oval:def:3300879 SUSE Security Update: Security update for libarchive oval:org.secpod.oval:def:89047724 This update for libarchive fixes the following issues: - CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init . - CVE-2021-36976: Fixed use-after-free in copy_string . - CVE-2017-5601: Fixed out-of-bounds memory access preventing denial-of-service . oval:org.secpod.oval:def:89048205 This update for libarchive fixes the following issues: - CVE-2021-36976: Fixed an invalid memory access that could cause data corruption . Non-security updates: - Updated references for CVE-2017-5601, which was already fixed in a previous version . oval:org.secpod.oval:def:89047492 This update for libarchive fixes the following issues: - CVE-2021-36976: Fixed an invalid memory access that could cause data corruption . Non-security updates: - Updated references for CVE-2017-5601, which was already fixed in a previous version . |