Out-of-bounds read in libarchive

#VU98511 Out-of-bounds read in libarchive

Cybersecurity Help s.r.o.

Published: 2024-10-14

Vulnerability identifier: #VU98511

Vulnerability risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-48957

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libarchive
Client/Desktop applications / Software for archiving

Vendor: libarchive

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the execute_filter_audio() function in archive_read_support_format_rar.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libarchive: 3.0 - 3.7.4

External links
http://github.com/libarchive/libarchive/pull/2149
http://github.com/libarchive/libarchive/compare/v3.7.4...v3.7.5

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 24.03 LTS update for libarchive

SUSE update for libarchive

Fedora 40 update for libarchive

Ubuntu update for libarchive

Fedora 39 update for libarchive

Multiple vulnerabilities in Libarchive