Bug 1489852 (CVE-2017-14166) - CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function
Summary: CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-14166
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1449531 1698494
Blocks: 1856620
TreeView+ depends on / blocked
 
Reported: 2017-09-08 13:27 UTC by Andrej Nemec
Modified: 2021-10-21 11:57 UTC (History)
8 users (show)

Fixed In Version: libarchive 3.3.3
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-21 11:57:02 UTC


Attachments (Terms of Use)

Description Andrej Nemec 2017-09-08 13:27:03 UTC
libarchive 3.3.2 allows attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.

Upstream patch:

https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71

References:

https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/

Comment 1 Andrej Nemec 2017-09-08 13:28:10 UTC
Created libarchive tracking bugs for this issue:

Affects: fedora-all [bug 1449531]

Comment 2 Pavel Raiskup 2018-06-01 10:08:04 UTC
Waits for release:
https://github.com/libarchive/libarchive/issues/935


Note You need to log in before you can comment on or make changes to this bug.