Lucene search
F5F5:K91432940HistoryDec 07, 2016 - 12:00 a.m.
K91432940 : libarchive vulnerabilities CVE-2015-8920 and CVE-2016-4809
2016-12-0700:00:00
my.f5.com
26
Security Advisory Description
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
redhatcve
redhatcve
CVE-2015-8920
2016-06-22 06:18:34
CVE-2016-4809
2016-06-16 02:48:58
nvd
nvd
CVE-2015-8920
2016-09-20 14:15:06
CVE-2016-4809
2016-09-21 14:25:05
debiancve
debiancve
CVE-2015-8920
2016-09-20 14:15:06
CVE-2016-4809
2016-09-21 14:25:05
ubuntucve
ubuntucve
CVE-2015-8920
2015-12-31 00:00:00
CVE-2016-4809
2016-06-17 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Stack Buffer Underflow
2018-04-06 08:47:34
Denial Of Service (DoS) Through Stack Buffer Underflow
2019-01-15 09:13:06
Denial Of Service (DoS)
2019-05-02 05:49:22
prion
prion
Out-of-bounds
2016-09-20 14:15:00
Code injection
2016-09-21 14:25:00
cve
cve
CVE-2015-8920
2016-09-20 14:15:06
CVE-2016-4809
2016-09-21 14:25:05
cvelist
cvelist
CVE-2015-8920
2016-09-20 14:00:00
CVE-2016-4809
2016-09-21 14:00:00
osv
osv
CVE-2016-4809
2016-09-21 14:25:00
alpinelinux
alpinelinux
CVE-2016-4809
2016-09-21 14:25:05
nessus
nessus
openSUSE Security Update : libarchive (openSUSE-2016-770)
2016-06-28 00:00:00
RHEL 6 : libarchive (RHSA-2016:1850)
2016-09-13 00:00:00
suse
suse
Security update for bsdtar (important)
2016-08-02 17:08:50
Security update for libarchive (important)
2016-07-29 14:09:01
Security update for libarchive (important)
2016-08-11 17:13:38
openvas
openvas
RedHat Update for libarchive RHSA-2016:1850-01
2016-09-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1939-1)
2021-06-09 00:00:00
CentOS Update for libarchive CESA-2016:1850 centos6
2016-09-16 00:00:00
centos
centos
libarchive security update
2016-09-15 22:26:12
bsdcpio, bsdtar, libarchive security update
2016-09-16 00:18:58
oraclelinux
oraclelinux
libarchive security update
2016-09-12 00:00:00
libarchive security update
2016-09-12 00:00:00
redhat
redhat
(RHSA-2016:1850) Important: libarchive security update
2016-09-12 15:10:17
(RHSA-2016:1844) Important: libarchive security update
2016-09-12 15:10:21
debian
debian
[SECURITY] [DSA 3657-1] libarchive security update
2016-08-30 21:15:15
[SECURITY] [DLA 554-1] libarchive security update
2016-07-21 06:10:45
cloudfoundry
cloudfoundry
USN-3033-1 libarchive vulnerability | Cloud Foundry
2016-08-25 00:00:00
ubuntu
ubuntu
libarchive vulnerabilities
2016-07-14 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in libarchive affect PowerKVM
2018-06-18 01:33:29
amazon
amazon
Important: libarchive
2016-09-27 10:30:00
gentoo
gentoo
libarchive: Multiple vulnerabilities
2017-01-01 00:00:00