1489852 – (CVE-2017-14166) CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function

Bug 1489852 (CVE-2017-14166) - CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function

Summary: CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2017-14166
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1449531 1698494 1827927
Blocks:	1856620
TreeView+	depends on / blocked

Reported:	2017-09-08 13:27 UTC by Andrej Nemec
Modified:	2023-03-21 18:36 UTC (History)
CC List:	8 users (show)
Fixed In Version:	libarchive 3.3.3
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-21 11:57:02 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2017-09-08 13:27:03 UTC

libarchive 3.3.2 allows attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.

Upstream patch:

https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71

References:

https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/

Comment 1 Andrej Nemec 2017-09-08 13:28:10 UTC

Created libarchive tracking bugs for this issue:

Affects: fedora-all [bug 1449531]

Comment 2 Pavel Raiskup 2018-06-01 10:08:04 UTC

Waits for release:
https://github.com/libarchive/libarchive/issues/935

Note You need to log in before you can comment on or make changes to this bug.