bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Debian_linux | Debian | 7.0 (including) | 7.0 (including) |
| Debian_linux | Debian | 8.0 (including) | 8.0 (including) |
| Red Hat Enterprise Linux 7 | RedHat | libarchive-0:3.1.2-10.el7_2 | * |
| Libarchive | Ubuntu | esm-infra-legacy/trusty | * |
| Libarchive | Ubuntu | esm-infra/xenial | * |
| Libarchive | Ubuntu | precise | * |
| Libarchive | Ubuntu | trusty | * |
| Libarchive | Ubuntu | trusty/esm | * |
| Libarchive | Ubuntu | upstream | * |
| Libarchive | Ubuntu | wily | * |
| Libarchive | Ubuntu | xenial | * |
Potential Mitigations
References
- http://rhn.redhat.com/errata/RHSA-2016-1844.html
- http://www.debian.org/security/2016/dsa-3657
- http://www.openwall.com/lists/oss-security/2016/06/17/2
- http://www.openwall.com/lists/oss-security/2016/06/17/5
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91303
- http://www.ubuntu.com/usn/USN-3033-1
- https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html
- https://github.com/libarchive/libarchive/issues/505
- https://security-tracker.debian.org/tracker/CVE-2015-8917
- https://security.gentoo.org/glsa/201701-03
- http://rhn.redhat.com/errata/RHSA-2016-1844.html
- http://www.debian.org/security/2016/dsa-3657
- http://www.openwall.com/lists/oss-security/2016/06/17/2
- http://www.openwall.com/lists/oss-security/2016/06/17/5
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91303
- http://www.ubuntu.com/usn/USN-3033-1
- https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html
- https://github.com/libarchive/libarchive/issues/505
- https://security-tracker.debian.org/tracker/CVE-2015-8917
- https://security.gentoo.org/glsa/201701-03