rpm package
suse/libarchive&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-20696 | — | < 3.4.2-150200.4.18.1 | 3.4.2-150200.4.18.1 | Jan 9, 2024 | Windows libarchive Remote Code Execution Vulnerability | ||
| CVE-2021-36976 | — | < 3.4.2-150200.4.3.1 | 3.4.2-150200.4.3.1 | Jul 20, 2021 | libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | ||
| CVE-2017-5601 | Hig | 7.5 | < 3.4.2-150200.4.3.1 | 3.4.2-150200.4.3.1 | Jan 27, 2017 | An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. |
- CVE-2024-20696Jan 9, 2024affected < 3.4.2-150200.4.18.1fixed 3.4.2-150200.4.18.1
Windows libarchive Remote Code Execution Vulnerability
- CVE-2021-36976Jul 20, 2021affected < 3.4.2-150200.4.3.1fixed 3.4.2-150200.4.3.1
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
- affected < 3.4.2-150200.4.3.1fixed 3.4.2-150200.4.3.1
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.