CVE-2018-1000880 - log back

CVE-2018-1000880 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Denial of service
Description
+ A resource consumption issue has been found in libarchive >= 3.2.0 and <=3.3.3, in the _warc_read() function in archive_read_support_format_warm.c. An attacker can use a specially crafted WARC file to cause quasi-infinite run time and disk usage from a tiny file.
References
+ https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
+ https://github.com/libarchive/libarchive/pull/1105
+ https://github.com/libarchive/libarchive/commit/9c84b7426660c09c18cc349f6d70b5f8168b5680
Notes