Lucene search

K

Veracode Vulnerability DatabaseVERACODE:8068

HistoryDec 21, 2018 - 10:57 a.m.

Denial Of Service (DoS)

2018-12-2110:57:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

12

EPSS

0.004

Percentile

75.4%

libarchive.so is vulnerable to denial of service (DoS) attacks. A NULL pointer dereference in the ACL parser libarchive/archive_acl.c in the function archive_acl_from_text_l() allows an attacker to crash the process and cause a denial of service condition.

References

lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html

www.securityfocus.com/bid/106324

bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909

github.com/libarchive/libarchive/pull/1105

github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175

lists.fedoraproject.org/archives/list/[email protected]/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/

lists.fedoraproject.org/archives/list/[email protected]/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/

lists.fedoraproject.org/archives/list/[email protected]/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/

EPSS

0.004

Percentile

75.4%

Related for VERACODE:8068

redhatcve1 cvelist1 osv2 cve1 debiancve1 ubuntucve1 prion1 nvd1 rosalinux1 nessus10 openvas5 mageia1 archlinux1 fedora3 suse1 photon6 altlinux1 ibm1