Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.06%
  • Veröffentlicht 20.09.2016 14:15:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

  • EPSS 5.38%
  • Veröffentlicht 20.09.2016 14:15:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.

  • EPSS 2.88%
  • Veröffentlicht 20.09.2016 14:15:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

  • EPSS 2.06%
  • Veröffentlicht 20.09.2016 14:15:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

  • EPSS 11.99%
  • Veröffentlicht 20.09.2016 14:15:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

  • EPSS 1.92%
  • Veröffentlicht 20.09.2016 14:15:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

  • EPSS 4.53%
  • Veröffentlicht 20.09.2016 14:15:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

  • EPSS 4.3%
  • Veröffentlicht 20.09.2016 14:15:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

  • EPSS 3.23%
  • Veröffentlicht 20.09.2016 14:15:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar...

  • EPSS 6.51%
  • Veröffentlicht 07.09.2016 20:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.