Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-1000877

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.

Related bugs and status

CVE-2018-1000877 (Candidate) is related to these bugs:

Bug #1794909: Memory corruption in RAR decoder

Summary				In	Importance	Status
	1794909	Memory corruption in RAR decoder		libarchive (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...
MISC: https://github.com/lib...
MISC: https://github.com/lib...
MLIST: [debian-lts-announce] ...
DEBIAN: DSA-4360
BID: 106324
UBUNTU: USN-3859-1
FEDORA: FEDORA-2019-0233ec0ff3
FEDORA: FEDORA-2019-c595a93536
FEDORA: FEDORA-2019-fbe83d0e32
SUSE: openSUSE-SU-2019:1196
REDHAT: RHSA-2019:2298
REDHAT: RHSA-2019:3698
SUSE: openSUSE-SU-2019:2615
SUSE: openSUSE-SU-2019:2632