Bug 2282521 (CVE-2024-26256) - CVE-2024-26256 libarchive: Heap based buffer overflow in rar e8 filter
Summary: CVE-2024-26256 libarchive: Heap based buffer overflow in rar e8 filter
Keywords:
Status: NEW
Alias: CVE-2024-26256
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
: 2290446 (view as bug list)
Depends On: 2282530 2282531 2282527 2282528 2282529
Blocks: 2282522 CVE-2024-20697
TreeView+ depends on / blocked
 
Reported: 2024-05-22 13:54 UTC by Zack Miele
Modified: 2024-06-06 13:57 UTC (History)
37 users (show)

Fixed In Version: libarchive 3.7.4
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the libarchive library. A heap-based buffer overflow in the execute_filter_e8 function in the libarchive/archive_read_support_format_rar.c file can be triggered when a specially crafted RAR archive is processed, causing a crash to the application linked to the library, and resulting in a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Zack Miele 2024-05-22 13:54:34 UTC
A heap-based buffer overflow flaw was found in the rar e8 filter in libarchive. An attacker could trick a user into opening a specially crafted rar archive to induce a denial of service or arbitrary code execution in the context of the application using libarchive.

References:
https://github.com/advisories/GHSA-2jc9-36w4-pmqw
https://www.zerodayinitiative.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability

Upstream patch:
https://github.com/libarchive/libarchive/pull/2135

Comment 1 Zack Miele 2024-05-22 14:06:18 UTC
Created cmake3 tracking bugs for this issue:

Affects: epel-7 [bug 2282528]


Created libarchive tracking bugs for this issue:

Affects: fedora-39 [bug 2282529]
Affects: fedora-40 [bug 2282527]


Created mingw-libarchive tracking bugs for this issue:

Affects: fedora-39 [bug 2282530]
Affects: fedora-40 [bug 2282531]

Comment 5 Lukas Javorsky 2024-06-06 07:08:51 UTC
*** Bug 2290446 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.