[arch-security] [ASA-201607-1] libarchive: arbitrary code execution

Levente Polyak anthraxx at archlinux.org
Tue Jul 5 19:23:30 UTC 2016


Arch Linux Security Advisory ASA-201607-1
=========================================

Severity: Critical
Date    : 2016-07-05
CVE-ID  : CVE-2016-1541
Package : libarchive
Type    : arbitrary code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package libarchive before version 3.2.0-1 is vulnerable to
arbitrary code execution.

Resolution
==========

Upgrade to 3.2.0-1.

# pacman -Syu "libarchive>=3.2.0-1"

The problem has been fixed upstream in version 3.2.0.

Workaround
==========

None.

Description
===========

A heap-based buffer overflow was found in libarchive's zip reader. A
specially crafted zip file can declare a compressed size that does not
match the data actually present; the reader uses this untrusted value
without sufficient validation, so attacker-controlled bytes are written
past the end of a heap buffer, which may allow arbitrary code to be
executed in the context of the application processing the archive.
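
The bug class described above, shown as an added example that is not
libarchive's code: a minimal reader for a "stored" (uncompressed) archive
entry that sizes its heap buffer from one header field and copies according
to another. The record layout (4-byte little-endian compressed size, 4-byte
little-endian uncompressed size, payload), the MAX_ENTRY_SIZE cap, the
function names and the sample records are all constructed for this example
and are not the PKZIP format or any libarchive identifier. The unchecked
reader is kept beside the hardened one; main() only ever feeds it the
honest record and computes, rather than performs, the overrun for the
crafted one.

```c
/* Added example, not libarchive's code: a minimal "stored" entry reader
 * modelling the bug class in ASA-201607-1. The record layout and the
 * MAX_ENTRY_SIZE cap are constructed for this example. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_LEN 8                          /* LE32 comp_size, LE32 uncomp_size */
#define MAX_ENTRY_SIZE (4u * 1024 * 1024)  /* arbitrary sanity cap (assumption) */

enum { ENTRY_OK = 0, ENTRY_TRUNCATED = -1, ENTRY_SIZE_MISMATCH = -2,
       ENTRY_TOO_BIG = -3, ENTRY_ALLOC = -4 };

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* VULNERABLE: buffer sized from uncomp_size, copy length from comp_size,
 * neither checked against the other or against the bytes actually present.
 * comp_size > uncomp_size writes attacker-controlled bytes past the heap
 * allocation. main() below runs this on BENIGN only. */
static uint8_t *extract_stored_unchecked(const uint8_t *in, size_t *out_len)
{
    uint32_t comp = le32(in), uncomp = le32(in + 4);
    uint8_t *buf = malloc(uncomp ? uncomp : 1);
    if (buf == NULL) return NULL;
    memcpy(buf, in + HDR_LEN, comp);   /* heap overflow when comp > uncomp */
    *out_len = uncomp;
    return buf;
}

/* How far past its allocation the unchecked reader would write for this
 * record, computed instead of executed so crafted input can be examined. */
static size_t unchecked_heap_overrun(const uint8_t *in, size_t in_len)
{
    if (in_len < HDR_LEN) return 0;
    uint32_t comp = le32(in), uncomp = le32(in + 4);
    return comp > uncomp ? (size_t)(comp - uncomp) : 0;
}

/* HARDENED: every header-supplied size is validated before it drives an
 * allocation or a copy. */
static int extract_stored_checked(const uint8_t *in, size_t in_len,
                                  uint8_t **out, size_t *out_len)
{
    *out = NULL; *out_len = 0;
    if (in_len < HDR_LEN) return ENTRY_TRUNCATED;
    uint32_t comp = le32(in), uncomp = le32(in + 4);
    if (comp > MAX_ENTRY_SIZE || uncomp > MAX_ENTRY_SIZE) return ENTRY_TOO_BIG;
    if (comp != uncomp) return ENTRY_SIZE_MISMATCH;      /* stored: must agree */
    if (comp > in_len - HDR_LEN) return ENTRY_TRUNCATED;  /* claims more than present */
    uint8_t *buf = malloc(uncomp ? uncomp : 1);
    if (buf == NULL) return ENTRY_ALLOC;
    memcpy(buf, in + HDR_LEN, comp);
    *out = buf; *out_len = uncomp;
    return ENTRY_OK;
}

/* Constructed sample records: honest; comp_size 0x1000 into a 5-byte buffer
 * (heap overflow); sizes agree but exceed bytes present (OOB read); over cap. */
static const uint8_t BENIGN[]  = { 5,0,0,0, 5,0,0,0, 'h','e','l','l','o' };
static const uint8_t CRAFTED[] = { 0x00,0x10,0,0, 5,0,0,0, 'h','e','l','l','o' };
static const uint8_t TRUNC[]   = { 0x00,0x10,0,0, 0x00,0x10,0,0, 'h','e','l','l','o' };
static const uint8_t HUGE[]    = { 0xff,0xff,0xff,0xff, 0xff,0xff,0xff,0xff };

/* Status of the hardened reader for a record; the payload is discarded. */
static int checked_status(const uint8_t *in, size_t in_len)
{
    uint8_t *out; size_t n;
    int rc = extract_stored_checked(in, in_len, &out, &n);
    free(out);
    return rc;
}

/* 1 if the hardened reader extracts BENIGN as exactly "hello". */
static int checked_roundtrip_ok(void)
{
    uint8_t *out; size_t n;
    int ok = extract_stored_checked(BENIGN, sizeof BENIGN, &out, &n) == ENTRY_OK
             && n == 5 && memcmp(out, "hello", 5) == 0;
    free(out);
    return ok;
}

int main(void)
{
    size_t n;
    uint8_t *p = extract_stored_unchecked(BENIGN, &n);   /* fine on honest input */
    printf("unchecked/benign: %.*s\n", (int)n, (const char *)p);
    free(p);
    printf("unchecked/crafted would overrun the heap by %zu bytes\n",
           unchecked_heap_overrun(CRAFTED, sizeof CRAFTED));
    printf("checked: crafted=%d trunc=%d huge=%d roundtrip=%d\n",
           checked_status(CRAFTED, sizeof CRAFTED), checked_status(TRUNC, sizeof TRUNC),
           checked_status(HUGE, sizeof HUGE), checked_roundtrip_ok());
    return 0;
}
```

Build with -fsanitize=address and call extract_stored_unchecked on CRAFTED
to watch the sanitizer report the 4091-byte heap write; the hardened reader
rejects the same record before any allocation happens. The three checks in
extract_stored_checked are the general form of the fix for this class: bound
every size against a cap, against its sibling field, and against the input
that is actually available.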

Impact
======

A remote attacker can supply a specially crafted zip file that, when
processed by an application using libarchive, leads to arbitrary code
execution with the privileges of that application.

References
==========

https://github.com/libarchive/libarchive/commit/d0331e8e
https://www.kb.cert.org/vuls/id/862384
https://access.redhat.com/security/cve/CVE-2016-1541
