A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libarchive | Libarchive | * | 3.8.0 (excluding) |
Red Hat Enterprise Linux 10 | RedHat | libarchive-0:3.7.7-4.el10_0 | * |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | RedHat | libarchive-0:3.1.2-14.el7_9.1 | * |
Red Hat Enterprise Linux 8 | RedHat | libarchive-0:3.3.3-6.el8_10 | * |
Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | libarchive-0:3.3.2-8.el8_2.1 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | libarchive-0:3.3.3-1.el8_4.1 | * |
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | RedHat | libarchive-0:3.3.3-1.el8_4.1 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | libarchive-0:3.3.3-6.el8_6 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | libarchive-0:3.3.3-6.el8_6 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | libarchive-0:3.3.3-6.el8_6 | * |
Red Hat Enterprise Linux 8.8 Telecommunications Update Service | RedHat | libarchive-0:3.3.3-5.el8_8.1 | * |
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | RedHat | libarchive-0:3.3.3-5.el8_8.1 | * |
Red Hat Enterprise Linux 9 | RedHat | libarchive-0:3.5.3-6.el9_6 | * |
Red Hat Enterprise Linux 9 | RedHat | libarchive-0:3.5.3-6.el9_6 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | libarchive-0:3.5.3-2.el9_0.1 | * |
Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | libarchive-0:3.5.3-4.el9_4.1 | * |
Red Hat Insights proxy 1.5 | RedHat | registry.redhat.io/insights-proxy/insights-proxy-container-rhel9:sha256:b7f671263af799e681ccca9b07420c1b5cee369282b5e1520557ee2414618652 | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-agent-rhel8:sha256:5604dbb58d5e31f399f41ae4bf7a766272bf091a4e1bd6e89d1b85d62b0db93a | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8:sha256:34c4588cf354ab2a69695897911e7caca6f7df93fb13fed716b3f99608ff70aa | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-collector-rhel8:sha256:a51ae66a32ddfa21fc4c9bcd42540a8e12c5a59b0e8c27369dd1689a924bbebe | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8:sha256:88ce7e9894e7e4b1406d6e1f20e18cd19cff9df376f5455a24eeffb118f0535f | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8:sha256:6ceeba5ce034140d4144ead58de768d8f374aa3f1c4800855871c229ee1cd785 | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-ingester-rhel8:sha256:044c58b2f2d18d5a20fd23dafc2db1ee6d6d48ac5c20706f176b8132d1d8ac96 | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-operator-bundle:sha256:f250e39033d7cb1d786e5a7ec6798c25d4c5d8c6ecbcf6828915605fc4658da5 | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:4856bc69d0c18c6049819007d25b966a6ee02dcc819682f7294503ab2d646776 | * |
Red Hat OpenShift distributed tracing 3.5.3 | RedHat | registry.redhat.io/rhosdt/jaeger-rhel8-operator:sha256:9b66a46b3a28084c45823268d1fa4ae953c50b996f3d265c5fc9f4bc3eb326b4 | * |
Libarchive | Ubuntu | devel | * |
Libarchive | Ubuntu | esm-infra-legacy/trusty | * |
Libarchive | Ubuntu | esm-infra/bionic | * |
Libarchive | Ubuntu | esm-infra/focal | * |
Libarchive | Ubuntu | esm-infra/xenial | * |
Libarchive | Ubuntu | jammy | * |
Libarchive | Ubuntu | noble | * |
Libarchive | Ubuntu | oracular | * |
Libarchive | Ubuntu | plucky | * |