{"id":"UBUNTU-CVE-2023-40477","details":"RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233.","modified":"2026-02-04T02:57:04.202602Z","published":"2023-08-25T00:00:00Z","related":["USN-6569-1","USN-7349-1","USN-7350-1"],"upstream":["CVE-2023-40477"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-40477"},{"type":"REPORT","url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1152/"},{"type":"REPORT","url":"https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa"},{"type":"REPORT","url":"https://blog.clamav.net/2023/08/clamav-120-feature-version-and-111-102.html"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6569-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2023-40477"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7349-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7350-1"}],"affected":[{"package":{"name":"libclamunrar","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libclamunrar@0.101.2-1~ubuntu0.16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.98.5-1","0.99-1","0.99-1ubuntu0.1","0.100.1-1~ubuntu0.16.04.1","0.101.2-1~ubuntu0.16.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.101.2-1~ubuntu0.16.04.1","binary_name":"libclamunrar9"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"rar","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/rar@2:5.3.b2-1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:5.3.b2-1"],"ecosystem_specific":{"binaries":[{"binary_version":"2:5.3.b2-1","binary_name":"rar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"unrar-nonfree","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/unrar-nonfree@1:5.3.2-1+deb9u1build0.16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.3.2-1","1:5.3.2-1+deb9u1build0.16.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:5.3.2-1+deb9u1build0.16.04.1","binary_name":"unrar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"libclamunrar","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libclamunrar@0.101.2-1~ubuntu0.18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.99-4ubuntu1","0.100.1-1~ubuntu0.18.04.1","0.101.2-1~ubuntu0.18.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.101.2-1~ubuntu0.18.04.1","binary_name":"libclamunrar9"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"rar","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/rar@2:5.5.0-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:5.4.0+dfsg.1-0.1","2:5.5.0-1"],"ecosystem_specific":{"binaries":[{"binary_version":"2:5.5.0-1","binary_name":"rar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"unrar-nonfree","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/unrar-nonfree@1:5.5.8-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.5.8-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:5.5.8-1","binary_name":"unrar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"libclamunrar","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/libclamunrar@0.103.11-0ubuntu0.20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.103.11-0ubuntu0.20.04.1"}]}],"versions":["0.101.2-1","0.101.2-1build1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"0.103.11-0ubuntu0.20.04.1","binary_name":"libclamunrar9"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"rar","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/rar@2:6.23-1~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:6.23-1~20.04.1"}]}],"versions":["2:5.5.0-1","2:5.5.0-1build1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2:6.23-1~20.04.1","binary_name":"rar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"unrar-nonfree","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/unrar-nonfree@1:5.6.6-2ubuntu0.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:5.6.6-2ubuntu0.1"}]}],"versions":["1:5.6.6-2","1:5.6.6-2build1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1:5.6.6-2ubuntu0.1","binary_name":"libunrar-dev"},{"binary_version":"1:5.6.6-2ubuntu0.1","binary_name":"libunrar5"},{"binary_version":"1:5.6.6-2ubuntu0.1","binary_name":"unrar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"libclamunrar","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libclamunrar@0.103.11-0ubuntu0.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.103.11-0ubuntu0.22.04.1"}]}],"versions":["0.102.3-3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"0.103.11-0ubuntu0.22.04.1","binary_name":"libclamunrar"},{"binary_version":"0.103.11-0ubuntu0.22.04.1","binary_name":"libclamunrar9"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"rar","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/rar@2:6.23-1~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:6.23-1~22.04.1"}]}],"versions":["2:5.5.0-1build1","2:5.5.0-1.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2:6.23-1~22.04.1","binary_name":"rar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"unrar-nonfree","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/unrar-nonfree@1:6.1.5-1ubuntu0.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.1.5-1ubuntu0.1"}]}],"versions":["1:6.0.5-1","1:6.0.7-6","1:6.1.2-1","1:6.1.3-1","1:6.1.3-2","1:6.1.4-1","1:6.1.5-1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1:6.1.5-1ubuntu0.1","binary_name":"libunrar-dev"},{"binary_version":"1:6.1.5-1ubuntu0.1","binary_name":"libunrar-headers"},{"binary_version":"1:6.1.5-1ubuntu0.1","binary_name":"libunrar5"},{"binary_version":"1:6.1.5-1ubuntu0.1","binary_name":"unrar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}},{"package":{"name":"rar","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/rar@2:6.23-1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:6.23-1"}]}],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2:6.23-1","binary_name":"rar"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-40477.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}