VYPR
Medium severity5.5NVD Advisory· Published Feb 15, 2017· Updated Jun 17, 2026

CVE-2016-8688

CVE-2016-8688

Description

The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.