CVE-2015-8916
libarchive: NULL pointer access in RAR parser through bsdtar
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.
bsdtar en libarchive en versiones anteriores a 3.2.0 devuelve un código válido sin rellenar la entrada cuando la cabecera es un "archivo dividido en multivolumen RAR," lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída) a través de un archivo rar manipulado.
A vulnerability was found in libarchive. A specially crafted RAR file could cause the application dereference a NULL pointer, leading to a crash.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-17 CVE Reserved
- 2016-07-14 CVE Published
- 2024-05-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (13)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2016/06/17/2 | Mailing List | |
http://www.openwall.com/lists/oss-security/2016/06/17/5 | Mailing List | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/91296 | Vdb Entry | |
https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html | Third Party Advisory | |
https://github.com/libarchive/libarchive/issues/504 | X_refsource_confirm | |
https://security-tracker.debian.org/tracker/CVE-2015-8916 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2016-1844.html | 2018-01-05 | |
http://www.debian.org/security/2016/dsa-3657 | 2018-01-05 | |
http://www.ubuntu.com/usn/USN-3033-1 | 2018-01-05 | |
https://security.gentoo.org/glsa/201701-03 | 2018-01-05 | |
https://access.redhat.com/security/cve/CVE-2015-8916 | 2016-09-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1348412 | 2016-09-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 15.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
Libarchive Search vendor "Libarchive" | Libarchive Search vendor "Libarchive" for product "Libarchive" | <= 3.1.901a Search vendor "Libarchive" for product "Libarchive" and version " <= 3.1.901a" | - |
Affected
|