CVE-2021-3465 - log back

CVE-2021-3465 edited at 24 Mar 2021 18:38:35
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ In p7zip 17.03, the function NCompress::CCopyCoder::Code in CPP/7zip/Common/StreamObjects.cpp will call outStream->Write where a memcpy uses a NULL pointer as destination address, leading to a crash.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1942677
+ https://github.com/jinfeihan57/p7zip/issues/130
+ https://github.com/jinfeihan57/p7zip/files/6182176/null1.zip
Notes
CVE-2021-3465 created at 24 Mar 2021 18:37:43