Unrated severity · NVD Advisory · Published Feb 20, 2020 · Updated Aug 4, 2024
CVE-2020-9308
Description
archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.
Affected products
- libarchive/libarchive (source: description)
  - Range: <3.4.2
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OTE7GWASH2ZOVG5H3HEN5PR6B3KF7JB/ (mitre, vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J76F7VU7HC3GBKG5SAKTRBOFOI3RGO6M/ (mitre, vendor-advisory, x_refsource_FEDORA)
- security.gentoo.org/glsa/202003-28 (mitre, vendor-advisory, x_refsource_GENTOO)
- usn.ubuntu.com/4293-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- bugs.chromium.org/p/oss-fuzz/issues/detail (mitre, x_refsource_MISC)
- github.com/libarchive/libarchive/pull/1326 (mitre, x_refsource_MISC)
- github.com/libarchive/libarchive/pull/1326/commits/94821008d6eea81e315c5881cdf739202961040a (mitre, x_refsource_MISC)