REDHAT-BUG-2449010: Medium severity Libarchive libarchive vulnerability
An undefined-behavior vulnerability exists in the zisofs decompression logic of the libarchive library. The flaw is caused by improper validation of the pz_log2_bs field, which is read directly from the ISO9660 Rock Ridge extensions and then used as a shift exponent in arithmetic operations. When a specially crafted ISO file supplies an out-of-range value (e.g., ≥64 on 64-bit systems), the shift itself is undefined behavior, which leads to an incorrect block-size computation, incorrect memory allocation and potential crashes. The vulnerability is triggered by supplying a malicious ISO file, resulting in denial-of-service conditions in applications that process ISO images with libarchive.
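The following is an added example, not libarchive's own code, showing the defensive pattern the description implies: bound-check a log2 block-size field read from untrusted input before it is ever used as a shift exponent. The accepted range (15..17, i.e. 32 KiB to 128 KiB zisofs blocks) and the 16-byte "ZF" entry layout are assumptions of this example; the sample entries are constructed here and do not come from any real image.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* zisofs block sizes are 32 KiB, 64 KiB and 128 KiB, i.e. a log2 block size of
 * 15, 16 or 17. This bound is an assumption of the example; a real parser uses
 * whatever its format specification and decoder actually support. */
#define ZISOFS_LOG2_BS_MIN 15u
#define ZISOFS_LOG2_BS_MAX 17u

/* Return the block size for a validated log2 field, or 0 when the field is out
 * of range. The shift is only reached after the range check, so the exponent
 * can never be >= the operand width (which is undefined behavior in C). */
uint64_t zisofs_block_size(unsigned log2_bs)
{
    if (log2_bs < ZISOFS_LOG2_BS_MIN || log2_bs > ZISOFS_LOG2_BS_MAX)
        return 0;
    return (uint64_t)1 << log2_bs;
}

/* Minimal view of a Rock Ridge "ZF" entry as this example assumes it:
 *   [0..1] "ZF"   [2] entry length (16)   [3] version (1)
 *   [4..5] "pz"   [6] header size (4-byte units)   [7] log2 block size
 *   [8..15] uncompressed size
 * Extracts the log2 block size; returns -1 if the entry is malformed or the
 * buffer is too short to hold a whole entry. */
int zf_entry_log2_bs(const uint8_t *entry, size_t len, unsigned *log2_bs)
{
    if (len < 16 || entry[0] != 'Z' || entry[1] != 'F' || entry[2] != 16 ||
        entry[3] != 1 || entry[4] != 'p' || entry[5] != 'z')
        return -1;
    *log2_bs = entry[7];
    return 0;
}

/* Combined check: the block size to allocate for a ZF entry, or 0 when the
 * entry must be rejected (malformed or out-of-range exponent). Callers treat 0
 * as "do not allocate, refuse this entry". */
uint64_t zf_entry_block_size(const uint8_t *entry, size_t len)
{
    unsigned log2_bs;
    if (zf_entry_log2_bs(entry, len, &log2_bs) != 0)
        return 0;
    return zisofs_block_size(log2_bs);
}

/* Constructed sample entries for this example (not taken from a real image):
 * one with a sane exponent (16) and one with the kind of out-of-range value
 * (64) the advisory describes. */
const uint8_t zf_entry_ok[16]  = { 'Z','F',16,1,'p','z',4,16, 0,0,0,0,0,0,0,0 };
const uint8_t zf_entry_bad[16] = { 'Z','F',16,1,'p','z',4,64, 0,0,0,0,0,0,0,0 };

int main(void)
{
    printf("log2=16 -> block size %llu\n",
           (unsigned long long)zf_entry_block_size(zf_entry_ok, sizeof zf_entry_ok));
    printf("log2=64 -> block size %llu (entry rejected)\n",
           (unsigned long long)zf_entry_block_size(zf_entry_bad, sizeof zf_entry_bad));
    return 0;
}
```

The point of the structure is that the only shift in the code sits behind an explicit range check, so a fuzzer or a crafted image cannot reach the undefined shift at all; a sanitizer build (`-fsanitize=undefined`) of a parser written this way stays silent on the rejected entry instead of reporting a shift-exponent error.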
Frequently Asked Questions
What is the severity of REDHAT-BUG-2449010?
The severity of REDHAT-BUG-2449010 is classified as high due to the potential for exploitation through undefined behavior.
How do I fix REDHAT-BUG-2449010?
To fix REDHAT-BUG-2449010, update the libarchive library to a version that incorporates the patch addressing this vulnerability.
Which versions of libarchive are affected by REDHAT-BUG-2449010?
REDHAT-BUG-2449010 affects specific versions of the libarchive library; check the libarchive version currently installed on your systems against the patched versions listed in your distribution's advisory.
What specifically causes the vulnerability in REDHAT-BUG-2449010?
The vulnerability in REDHAT-BUG-2449010 is caused by improper validation of the pz_log2_bs field from the ISO9660 Rock Ridge extensions.
Can REDHAT-BUG-2449010 lead to data corruption?
Yes, exploitation of REDHAT-BUG-2449010 can potentially lead to data corruption or unintended behavior due to the undefined behavior in the code.