Back to search
CVE-2018-1000879
Published: Dec 20, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/libarchive/libarchive/pull/1105
x_refsource_MISC
106324
vdb-entry
x_refsource_BID
FEDORA-2019-0233ec0ff3
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-fbe83d0e32
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-c595a93536
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2019:1196
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now