Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2015-8934 |
CWE-ID | CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
libarchive Client/Desktop applications / Software for archiving |
Vendor | libarchive |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU33272
Risk: Medium
CVSSv3.1: 4.8 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-8934
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary error in the copy_from_lzss_window function in archive_read_support_format_rar.c. A remote attacker can create a crafted rar file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate to version 3.2.1.
Vulnerable software versionslibarchive: 3.0.0 - 3.2.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html
http://rhn.redhat.com/errata/RHSA-2016-1844.html
http://www.debian.org/security/2016/dsa-3657
http://www.openwall.com/lists/oss-security/2016/06/17/2
http://www.openwall.com/lists/oss-security/2016/06/17/5
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91409
http://www.ubuntu.com/usn/USN-3033-1
http://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html
http://github.com/libarchive/libarchive/issues/521
http://security.gentoo.org/glsa/201701-03
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted archive.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.