Summary: | <app-arch/libarchive-3.3.3: Multiple vulnerabilities (CVE-2017-{14166,14501}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bsd+disabled, mgorny |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2017-10-31 16:52:28 UTC
(In reply to GLSAMaker/CVETool Bot from comment #0)
> CVE-2017-14501 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14501):
> An out-of-bounds read flaw exists in parse_file_info in
> archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a
> specially crafted iso9660 iso file, related to
> archive_read_format_iso9660_read_header.

FWICS, there's no fix upstream yet for this and it doesn't look like anybody's working on it.

> CVE-2017-14166 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14166):
> libarchive 3.3.2 allows remote attackers to cause a denial of service
> (xml_data heap-based buffer over-read and application crash) via a crafted
> xar archive, related to the mishandling of empty strings in the atol8
> function in archive_read_support_format_xar.c.

This one has a fix in master (fa7438a0ff4033e4741c807394a9af6207940d71) we could backport. Alternatively, we could make a snapshot.

Feel free to only fix CVE-2017-14166 for the moment. We will split out the remaining vulnerability in this case.

Both vulnerabilities are now fixed upstream:

CVE-2017-14166: https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71

CVE-2017-14501: https://github.com/libarchive/libarchive/commit/f9569c086ff29259c73790db9cbf39fe8fb9d862

@maintainer, please clean vulnerable.

This issue was resolved and addressed in GLSA 201908-11 at https://security.gentoo.org/glsa/201908-11 by GLSA coordinator Aaron Bauman (b-man).

re-opened for cleanup