Lucene search
Veracode Vulnerability DatabaseVERACODE:6072HistoryApr 10, 2018 - 7:28 a.m.
Denial Of Service (DoS) Via Out-of-bounds Read
2018-04-1007:28:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.006 Low
EPSS
Percentile
78.2%
libarchive.so is vulnerable to Denial of Service (DoS) via out-of-bounds read. The vulnerability is possible because a malicious .mtree file can be passed to process_add_entry() function in archive_read_support_format_mtree.c, leading to out-of-bounds reads.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libarchive.so | eq | 2.8.3 |
Related
cvelist
cvelist
CVE-2015-8928
2016-09-20 14:00:00
redhatcve
redhatcve
CVE-2015-8928
2016-06-22 06:18:26
prion
prion
Out-of-bounds
2016-09-20 14:15:00
cve
cve
CVE-2015-8928
2016-09-20 14:15:15
ubuntucve
ubuntucve
CVE-2015-8928
2015-12-31 00:00:00
nvd
nvd
CVE-2015-8928
2016-09-20 14:15:15
debiancve
debiancve
CVE-2015-8928
2016-09-20 14:15:15
debian
debian
[SECURITY] [DSA 3657-1] libarchive security update
2016-08-30 21:15:15
suse
suse
Security update for libarchive (important)
2016-08-11 17:13:38
Security update for libarchive (important)
2016-07-29 14:09:01
openvas
openvas
openSUSE: Security Advisory for libarchive (openSUSE-SU-2016:2036-1)
2016-08-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1909-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3033-1)
2016-07-15 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2016:1909-1)
2016-08-29 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : libarchive vulnerabilities (USN-3033-1)
2016-07-15 00:00:00
openSUSE Security Update : libarchive (openSUSE-2016-969)
2016-08-16 00:00:00
ubuntu
ubuntu
libarchive vulnerabilities
2016-07-14 00:00:00
cloudfoundry
cloudfoundry
USN-3033-1 libarchive vulnerability | Cloud Foundry
2016-08-25 00:00:00
amazon
amazon
Important: libarchive
2016-09-27 10:30:00
centos
centos
bsdcpio, bsdtar, libarchive security update
2016-09-16 00:18:58
ibm
ibm
Security Bulletin: Vulnerabilities in libarchive affect PowerKVM
2018-06-18 01:33:29
redhat
redhat
(RHSA-2016:1844) Important: libarchive security update
2016-09-12 15:10:21
oraclelinux
oraclelinux
libarchive security update
2016-09-12 00:00:00
gentoo
gentoo
libarchive: Multiple vulnerabilities
2017-01-01 00:00:00