SB2021073108 - openEuler 20.03 LTS SP2 update for p7zip

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021073108

SB2021073108 - openEuler 20.03 LTS SP2 update for p7zip

Published: July 31, 2021

Security Bulletin ID SB2021073108
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 75% Medium 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2017-17969)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method. A remote attacker can trick the victim into opening a specially crafted ZIP archive, trigger memory corruption and out-of-bounds write execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Improper check or handling of exceptional conditions (CVE-ID: CVE-2018-5996)

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the method NCompress::NRar3::CDecoder::Code due to insufficient exception handling. A remote attacker can trickt eh victim into opening a specially crafted RAR file, trigger multiple memory corruptions within the PPMd code and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

3) Memory corruption (CVE-ID: CVE-2018-10115)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling solid compression. A remote attacker can create a specially crafted RAR archive, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

4) NULL pointer dereference (CVE-ID: CVE-2016-9296)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications. A remote attacker can perform a denial of service (DoS) attack via a specially crafted 7z file.


Remediation

Install update from vendor's website.

References