CVE-2015-8921
libarchive: Global out of bounds read in mtree parser
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
La función ae_strtofflags en archive_entry.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo mtree manipulado.
A vulnerability was found in libarchive. A specially crafted mtree file could cause libarchive to read beyond a statically declared structure, potentially disclosing application memory.
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-06-17 CVE Reserved
- 2016-07-14 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/06/17/2 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2016/06/17/5 | Mailing List |
|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/91307 | Vdb Entry | |
| https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html | Third Party Advisory | |
| https://github.com/libarchive/libarchive/issues/512 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html | 2023-09-12 | |
| http://rhn.redhat.com/errata/RHSA-2016-1844.html | 2023-09-12 | |
| http://rhn.redhat.com/errata/RHSA-2016-1850.html | 2023-09-12 | |
| http://www.debian.org/security/2016/dsa-3657 | 2023-09-12 | |
| http://www.ubuntu.com/usn/USN-3033-1 | 2023-09-12 | |
| https://security.gentoo.org/glsa/201701-03 | 2023-09-12 | |
| https://access.redhat.com/security/cve/CVE-2015-8921 | 2016-09-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1348772 | 2016-09-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Suse Linux Enterprise Software Development Kit Search vendor "Novell" for product "Suse Linux Enterprise Software Development Kit" | 12.0 Search vendor "Novell" for product "Suse Linux Enterprise Software Development Kit" and version "12.0" | sp1 |
Affected
| ||||||
| Novell Search vendor "Novell" | Suse Linux Enterprise Desktop Search vendor "Novell" for product "Suse Linux Enterprise Desktop" | 12.0 Search vendor "Novell" for product "Suse Linux Enterprise Desktop" and version "12.0" | sp1 |
Affected
| ||||||
| Novell Search vendor "Novell" | Suse Linux Enterprise Server Search vendor "Novell" for product "Suse Linux Enterprise Server" | 12.0 Search vendor "Novell" for product "Suse Linux Enterprise Server" and version "12.0" | sp1 |
Affected
| ||||||
| Libarchive Search vendor "Libarchive" | Libarchive Search vendor "Libarchive" for product "Libarchive" | <= 3.1.901a Search vendor "Libarchive" for product "Libarchive" and version " <= 3.1.901a" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 15.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||