CVE-2019-18408

Published: Oct 24, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14689

x_refsource_MISC

https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60

x_refsource_MISC

https://github.com/libarchive/libarchive/compare/v3.3.3...v3.4.0

x_refsource_MISC

[debian-lts-announce] 20191026 [SECURITY] [DLA 1971-1] libarchive security update

mailing-list

x_refsource_MLIST

USN-4169-1

vendor-advisory

x_refsource_UBUNTU

DSA-4557

vendor-advisory

x_refsource_DEBIAN

20191104 [SECURITY] [DSA 4557-1] libarchive security update

mailing-list

x_refsource_BUGTRAQ

https://support.f5.com/csp/article/K52144175?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

openSUSE-SU-2019:2615

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:2632

vendor-advisory

x_refsource_SUSE

RHSA-2020:0246

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0271

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0203

vendor-advisory

x_refsource_REDHAT

GLSA-202003-28

vendor-advisory

x_refsource_GENTOO

FEDORA-2019-71b2273a9f

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-18408

Description

Affected Products

References