« List of all CVEs

CVE-2018-1000879

Published: 12/20/2018 Last updated: 8/5/2024 Reserved: 12/13/2018

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-cpio

Products affected (1)

Product Vendor Version
n/a n/a < 6.4.1.1

References (16)