Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2018-1000879 - log back

CVE-2018-1000879 created at 25 Sep 2019 19:31:40

Severity

+

Low

Remote

+

Local

Type

+	Denial of service

Description

+	A NULL-pointer dereference issue has been found in libarchive >= 3.3.0 and <=3.3.3, in the archive_acl_from_text_l() function in archive_acl.c. An attacker can use a specially crafted archive file to cause a crash via a malformed ACL.

References

+	https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
+	https://github.com/libarchive/libarchive/pull/1105
+	https://github.com/libarchive/libarchive/commit/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175

Notes