An out of bounds read was found in libarchive's RAR parser. A specially crafted file could cause the application to read heap memory beyond the end of the decompression buffer. Upstream bug: https://github.com/libarchive/libarchive/issues/521 Upstream fix: https://github.com/libarchive/libarchive/commit/603454e Fix included in upstream release v3.2.1. The vulnerable code was not included in libarchive-2.8.
Created libarchive tracking bugs for this issue: Affects: fedora-all [bug 1352776]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:1844 https://rhn.redhat.com/errata/RHSA-2016-1844.html