libarchive.so is vulnerable to Denial of Service (DoS) via out-of-bounds read. The vulnerability is possible because a malicious .mtree
file can be passed to process_add_entry()
function in archive_read_support_format_mtree.c
, leading to out-of-bounds reads.
CPE | Name | Operator | Version |
---|---|---|---|
libarchive.so | eq | 2.8.3 |