oss-sec mailing list archives

Re: Libarchive/bsdtar: multiple crashes


From: cve-assign () mitre org
Date: Sat, 15 Oct 2016 22:59:53 -0400 (EDT)


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/

AddressSanitizer: stack-buffer-overflow ... WRITE of size 4

Upstream was not able to reproduce the issue, maybe different compiler
and compiler options, so he committed the fix based on what the
stacktrace printed.

https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a

Use CVE-2016-8687.


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/

AddressSanitizer: heap-buffer-overflow ... READ of size 1


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/

AddressSanitizer: unknown-crash ... READ of size 1


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c/

AddressSanitizer: heap-buffer-overflow ... READ of size 1


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-bid_entry-archive_read_support_format_mtree-c/

AddressSanitizer: heap-use-after-free ... READ of size 1


https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/

AddressSanitizer: heap-use-after-free ... READ of size 1

https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca

Use CVE-2016-8688 for all of eec077f52bfa2d3f7103b4b74d52572ba8a15aca.
The commit message explains that there is a single code problem that
could lead to the various reports in the above five blog posts.



https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/

AddressSanitizer: heap-buffer-overflow ... READ of size 1

https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126

Use CVE-2016-8689.

-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]

