SB2019081526 - Gentoo update for libarchive

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Buffer over-read (CVE-ID: CVE-2017-14166)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in libarchive 3.3.2. A remote attacker can trigger xml_data heap-based buffer over-read and application crash via a specially crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.

2) Out-of-bounds read (CVE-ID: CVE-2017-14501)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read condition in the parse_file_info function, as defined in the archive_read_support_format_iso9660.c source code file when extracting ISO 9660 files. A remote attacker can trick the victim into extracting an ISO 9660 file that submits malicious input and cause the service to crash.

3) Off-by-one (CVE-ID: CVE-2017-14502)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to off-by-one error for UTF-16 names in RAR archives. A remote attacker can trigger an out-of-bounds read in archive_read_format_rar_read_header and cause the service to crash.

4) Out-of-bounds read (CVE-ID: CVE-2017-14503)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive. A remote attacker can trigger an out-of-bounds read, related to lha_crc16 and cause the service to crash.

Remediation

Install update from vendor's website.

References

• https://security.gentoo.org/
• https://security.gentoo.org/glsa/201908-11