Filtered by vendor Libarchive
Subscriptions
Filtered by product Libarchive
Subscriptions
Total
71 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4302 | 2 Libarchive, Redhat | 9 Libarchive, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary. | ||||
| CVE-2016-4301 | 1 Libarchive | 1 Libarchive | 2025-04-12 | N/A |
| Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file. | ||||
| CVE-2016-4300 | 2 Libarchive, Redhat | 9 Libarchive, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | N/A |
| Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-4809 | 3 Libarchive, Oracle, Redhat | 10 Libarchive, Linux, Enterprise Linux and 7 more | 2025-04-12 | N/A |
| The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink. | ||||
| CVE-2015-8916 | 4 Canonical, Debian, Libarchive and 1 more | 4 Ubuntu Linux, Debian Linux, Libarchive and 1 more | 2025-04-12 | N/A |
| bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. | ||||
| CVE-2015-8919 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. | ||||
| CVE-2015-8921 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. | ||||
| CVE-2015-8922 | 5 Canonical, Libarchive, Novell and 2 more | 7 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 4 more | 2025-04-12 | N/A |
| The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | ||||
| CVE-2015-8923 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. | ||||
| CVE-2013-0211 | 5 Canonical, Fedoraproject, Freebsd and 2 more | 5 Ubuntu Linux, Fedora, Freebsd and 2 more | 2025-04-11 | N/A |
| Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. | ||||
| CVE-2025-1632 | 1 Libarchive | 1 Libarchive | 2025-03-25 | 3.3 Low |
| A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-30571 | 1 Libarchive | 1 Libarchive | 2025-01-14 | 3.9 Low |
| Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race condition could lead to implicit directory creation with permissions 0777 (without the sticky bit), which means that any low-privileged local user can delete and rename files inside those directories. | ||||
| CVE-2024-48957 | 1 Libarchive | 1 Libarchive | 2024-12-02 | 7.8 High |
| execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. | ||||
| CVE-2024-48958 | 1 Libarchive | 1 Libarchive | 2024-12-02 | 7.8 High |
| execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. | ||||
| CVE-2022-36227 | 5 Debian, Fedoraproject, Libarchive and 2 more | 6 Debian Linux, Fedora, Libarchive and 3 more | 2024-11-21 | 9.8 Critical |
| In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution." | ||||
| CVE-2022-26280 | 3 Fedoraproject, Libarchive, Redhat | 3 Fedora, Libarchive, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init. | ||||
| CVE-2021-36976 | 4 Apple, Fedoraproject, Libarchive and 1 more | 7 Ipados, Iphone Os, Macos and 4 more | 2024-11-21 | 6.5 Medium |
| libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | ||||
| CVE-2021-31566 | 5 Debian, Fedoraproject, Libarchive and 2 more | 14 Debian Linux, Fedora, Libarchive and 11 more | 2024-11-21 | 7.8 High |
| An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. | ||||
| CVE-2021-23177 | 4 Debian, Fedoraproject, Libarchive and 1 more | 13 Debian Linux, Fedora, Libarchive and 10 more | 2024-11-21 | 7.8 High |
| An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. | ||||
| CVE-2020-9308 | 3 Canonical, Fedoraproject, Libarchive | 3 Ubuntu Linux, Fedora, Libarchive | 2024-11-21 | 8.8 High |
| archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. | ||||