SB2019090214 - Denial of service in libarchive

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Resource exhaustion (CVE-ID: CVE-2019-1000020)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper parsing of ISO9660 files. A remote attacker can  persuade a user to access an ISO9660, trigger an infinite loop condition and perform a denial of service (DoS) attack.

2) Out-of-bounds read (CVE-ID: CVE-2019-1000019)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the header_bytes() function in  archive_read_support_format_7zip.c when decompressing 7zip archives. A remote attacker can create a specially crafted 7zip file, trick the victim into opening it, trigger out-of-bounds read error and crash the affected application.

Remediation

Install update from vendor's website.

References

• https://github.com/libarchive/libarchive/pull/1120
• https://github.com/libarchive/libarchive/pull/1120/commits/8312eaa576014cd9b965012af51bc1f967b12423
• https://github.com/libarchive/libarchive/pull/1120/commits/65a23f5dbee4497064e9bb467f81138a62b0dae1