Bug #1806

[2.6] Vulnerability in libarchive allows remote code execution (CVE-2013-0211)

Added by Leonardo Arena about 6 years ago. Updated about 6 years ago.

Status: Closed
Priority: Normal
Assignee: -
Category: Security
Target version:
Start date: 04/23/2013
Due date:
% Done: 100%
Estimated time: (Total: 0.00 h)
Affected versions:
Security IDs:

Description

A vulnerability has been found and corrected in libarchive:

Fabian Yamaguchi reported a read buffer overflow flaw in
libarchive on 64-bit systems where sizeof(size_t) is equal
to 8. In the archive_write_zip_data() function in libarchive/
archive_write_set_format_zip.c, the "s" parameter is of type size_t
(64 bit, unsigned) and is cast to a 64 bit signed integer. If "s" is
larger than MAX_INT, it will not be set to "zip->remaining_data_bytes"
even though it is larger than "zip->remaining_data_bytes", which
leads to a buffer overflow when calling deflate(). This can lead to a
segfault in an application that uses libarchive to create ZIP archives
(CVE-2013-0211).

https://bugzilla.redhat.com/show_bug.cgi?id=902998
https://github.com/libarchive/libarchive/commit/22531545514043e04633e1c015c7540b9de9dbe4.patch


Subtasks

Bug #1807: [2.5] Vulnerability in libarchive allows remote code execution (Closed)

Bug #1808: [2.4] Vulnerability in libarchive allows remote code execution (Closed)

Bug #1809: [2.3] Vulnerability in libarchive allows remote code execution (Closed)

Bug #1810: [2.2] Vulnerability in libarchive allows remote code execution (Closed)

Associated revisions

Revision ca643277 (diff)
Added by Natanael Copa about 6 years ago

main/libarchive: fix CVE-2013-0211

fixes #1806

History

#1 Updated by Natanael Copa about 6 years ago

  • Subject changed from [2.6] Vulnerability in libarchive allows remote code execution to [2.6] Vulnerability in libarchive allows remote code execution (CVE-2013-0211)

#2 Updated by Natanael Copa about 6 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3 Updated by Natanael Copa about 6 years ago

  • Status changed from Resolved to Closed

#4 Updated by Natanael Copa about 6 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
