Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2019-1000019 - log back

CVE-2019-1000019 created at 25 Sep 2019 19:31:40

Severity

+

High

Remote

+

Local

Type

+	Information disclosure

Description

+	libarchive version >=v3.0.2 contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.

References

+	https://github.com/libarchive/libarchive/pull/1120
+	https://github.com/libarchive/libarchive/pull/1120/commits/65a23f5dbee4497064e9bb467f81138a62b0dae1

Notes