libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.
References
Configurations
History
07 Nov 2023, 02:51
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-12-20 17:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-1000879
Mitre link : CVE-2018-1000879
CVE.ORG link : CVE-2018-1000879
JSON object : View
Products Affected
libarchive
- libarchive
opensuse
- leap
fedoraproject
- fedora
CWE
CWE-476
NULL Pointer Dereference