Bug 2071931 (CVE-2022-26280) - CVE-2022-26280 libarchive: an out-of-bounds read via the component zipx_lzma_alone_init
Summary: CVE-2022-26280 libarchive: an out-of-bounds read via the component zipx_lzma_...
Alias: CVE-2022-26280
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 2071933 2071934 2071935 2086976 2086977
Blocks: 2071936
TreeView+ depends on / blocked
Reported: 2022-04-05 09:19 UTC by Vipul Nair
Modified: 2022-11-29 04:27 UTC (History)
14 users (show)

Fixed In Version: libarchive 3.6.1
Doc Type: If docs needed, set a value
Doc Text:
An out-of-bounds read flaw was found in libarchive. This flaw allows an attacker who can supply a specially crafted zip file to libarchive to cause an out-of-bounds read in programs linked with libarchive, using the LZMA zip functionality. The consequences depend on the specific program linked with libarchive. Still, they would most likely result in an application crash or information disclosure that could be used in conjunction with another exploit.
Clone Of:
Last Closed: 2022-07-01 08:42:39 UTC

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5252 0 None None None 2022-06-28 14:59:54 UTC

Description Vipul Nair 2022-04-05 09:19:13 UTC
Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.


Comment 1 Vipul Nair 2022-04-05 09:21:45 UTC
Created cmake3 tracking bugs for this issue:

Affects: epel-all [bug 2071933]

Created libarchive tracking bugs for this issue:

Affects: fedora-all [bug 2071934]

Created mingw-libarchive tracking bugs for this issue:

Affects: fedora-all [bug 2071935]

Comment 9 errata-xmlrpc 2022-06-28 14:59:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5252 https://access.redhat.com/errata/RHSA-2022:5252

Comment 10 Product Security DevOps Team 2022-07-01 08:42:36 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):


Note You need to log in before you can comment on or make changes to this bug.