{"id":"MGASA-2016-0239","summary":"Updated libarchive packages fix security vulnerability","details":"An out of bounds read in the rar parser: invalid read in function\ncopy_from_lzss_window() when unpacking malformed rar (CVE-2015-8934).\n\nAn exploitable heap overflow vulnerability exists in the 7zip\nread_SubStreamsInfo functionality of libarchive. A specially crafted 7zip\nfile can cause a integer overflow resulting in memory corruption that can\nlead to code execution. An attacker can send a malformed file to trigger\nthis vulnerability (CVE-2016-4300).\n\nAn exploitable stack based buffer overflow vulnerability exists in the\nmtree parse_device functionality of libarchive. A specially crafted mtree\nfile can cause a buffer overflow resulting in memory corruption/code\nexecution. An attacker can send a malformed file to trigger this\nvulnerability (CVE-2016-4301).\n\nAn exploitable heap overflow vulnerability exists in the Rar decompression\nfunctionality of libarchive. A specially crafted Rar file can cause a heap\ncorruption eventually leading to code execution. An attacker can send a\nmalformed file to trigger this vulnerability (CVE-2016-4302).\n\nA signed integer overflow in iso parser: integer overflow when computing\nlocation of volume descriptor (CVE-2016-5844).\n\nThe libarchive package has been updated to version 3.2.1, fixing those\nissues and other bugs.\n","modified":"2026-02-04T02:21:11.578172Z","published":"2016-07-05T15:47:08Z","related":["CVE-2015-8934","CVE-2016-4300","CVE-2016-4301","CVE-2016-4302"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0239.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18769"},{"type":"REPORT","url":"https://github.com/libarchive/libarchive/issues/521"},{"type":"REPORT","url":"http://www.talosintel.com/reports/TALOS-2016-0152"},{"type":"REPORT","url":"http://www.talosintel.com/reports/TALOS-2016-0153"},{"type":"REPORT","url":"http://www.talosintel.com/reports/TALOS-2016-0154"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1349229"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348439"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348441"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348444"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2016/06/23/6"},{"type":"REPORT","url":"https://groups.google.com/forum/#!msg/libarchive-discuss/sui01WaM3ic/WhAgI4ylAwAJ"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2016/06/24/4"}],"affected":[{"package":{"name":"libarchive","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libarchive?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.2.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0239.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}