REDHAT-BUG-2449006: High severity Libarchive libarchive vulnerability
A Heap Out-of-Bounds Read vulnerability exists in the RAR archive processing logic of the libarchive library. The issue arises from improper validation of the LZSS sliding window size after transitions between compression methods (PPMd and LZSS). Due to a mismatch between the allocated buffer size and the expected dictionary size, the copyfromlzsswindow() function performs out-of-bounds memory reads. This allows a specially crafted RAR archive to leak heap memory through the archivereaddata() API before integrity checks (CRC) are enforced. The vulnerability can be exploited remotely without authentication or user interaction in systems that automatically process archives, leading to disclosure of sensitive information.
Affected Software
Event History
Frequently Asked Questions
What is the severity of REDHAT-BUG-2449006?
The severity of REDHAT-BUG-2449006 is classified as high due to the potential for heap out-of-bounds read vulnerabilities.
How do I fix REDHAT-BUG-2449006?
To fix REDHAT-BUG-2449006, update to the latest version of the libarchive library that addresses this vulnerability.
What systems are affected by REDHAT-BUG-2449006?
REDHAT-BUG-2449006 affects systems using the libarchive library for RAR archive processing.
What are the potential impacts of REDHAT-BUG-2449006?
The potential impacts of REDHAT-BUG-2449006 include application crashes and unauthorized information disclosure due to memory reading errors.
Is there a workaround for REDHAT-BUG-2449006?
Currently, there are no official workarounds for REDHAT-BUG-2449006, hence updating the library is recommended.