Bug 2071931 (CVE-2022-26280) - CVE-2022-26280 libarchive: an out-of-bounds read via the component zipx_lzma_alone_init
Summary: CVE-2022-26280 libarchive: an out-of-bounds read via the component zipx_lzma_...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-26280
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2071933 2071934 2071935 2086976 2086977
Blocks: 2071936
TreeView+ depends on / blocked
 
Reported: 2022-04-05 09:19 UTC by Vipul Nair
Modified: 2022-11-29 04:27 UTC (History)
14 users (show)

Fixed In Version: libarchive 3.6.1
Doc Type: If docs needed, set a value
Doc Text:
An out-of-bounds read flaw was found in libarchive. This flaw allows an attacker who can supply a specially crafted zip file to libarchive to cause an out-of-bounds read in programs linked with libarchive, using the LZMA zip functionality. The consequences depend on the specific program linked with libarchive. Still, they would most likely result in an application crash or information disclosure that could be used in conjunction with another exploit.
Clone Of:
Environment:
Last Closed: 2022-07-01 08:42:39 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5252 0 None None None 2022-06-28 14:59:54 UTC

Description Vipul Nair 2022-04-05 09:19:13 UTC 
Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.

https://github.com/libarchive/libarchive/issues/1672
Comment 1 Vipul Nair 2022-04-05 09:21:45 UTC 
Created cmake3 tracking bugs for this issue:

Affects: epel-all [bug 2071933]


Created libarchive tracking bugs for this issue:

Affects: fedora-all [bug 2071934]


Created mingw-libarchive tracking bugs for this issue:

Affects: fedora-all [bug 2071935]
Comment 2 Sandipan Roy 2022-05-16 13:10:50 UTC 
Patch: https://github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
Comment 9 errata-xmlrpc 2022-06-28 14:59:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5252 https://access.redhat.com/errata/RHSA-2022:5252
Comment 10 Product Security DevOps Team 2022-07-01 08:42:36 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-26280
Note You need to log in before you can comment on or make changes to this bug.