CVE-2019-19221

In Libarchive 3.4.0, archivewstringappendfrommbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

References

Affected packages

Git / github.com/libarchive/libarchive

Affected ranges

Type: GIT
Repo: https://github.com/libarchive/libarchive
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

22b1db9d46654afc6f0c28f90af8cdc84a199f41

Affected versions

v2.*

v2.6.0

v2.6.1

v2.6.2

v2.7.0

v2.7.1

v2.8.0

v2.8.1

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v3.*

v3.0.0a

v3.0.1b

v3.0.2

v3.0.3

v3.0.4

v3.1.0

v3.1.1

v3.1.2

v3.1.900a

v3.1.901a

v3.2.0

v3.2.1

v3.2.2

v3.3.0

v3.3.1

v3.3.2

v3.3.3

v3.4.0

Database specific

vanir_signatures

[
    {
        "id": "CVE-2019-19221-5e805d5f",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "259493752926620651709142349362849276195",
                "230785914983052223447961732927117151371",
                "12217636447501291062302553513055680385",
                "62405126494858429610787578500845061231",
                "179463854991740435999144472805357298736",
                "68272709789547205234125986453360853951",
                "162410301725275465914806499663084049292",
                "39164957372088187268497416633378961709",
                "202682923871852641868733101080295891962",
                "301086400055508873109432046317611991735",
                "74546993610714974430143180538446038077",
                "61386143541752768976266999255212136357",
                "304739343456208653730853587197886130232",
                "69163275847624257713894847667530878779",
                "317680709258419472989675329879033315216",
                "194390456970727352281349517689519873402",
                "337761648969299792289380367460237055379",
                "245645095900971998780157229976002940083",
                "313689221747533615139444426067652867707",
                "71839374558949873560356293840298277327",
                "324202677020325561218158605561092244799",
                "36678885239641828656854822239115902921",
                "63456052592772401547364162085691945315",
                "208068655965959195053039668998724809446",
                "321372824576092357600368061492307768572",
                "115861186337743141515360542569469183063",
                "291243398602166245106447150619205573687",
                "323333371442874016294651402000641868572",
                "247288520912191146938119320438545084272",
                "113231134948946292219430299831050015683",
                "214748447455728673716737136207566695935",
                "194097180572846545798744625891833564381",
                "119524074472370788340214959067133643311"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "libarchive/archive_string.c"
        },
        "signature_type": "Line",
        "source": "https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41"
    },
    {
        "id": "CVE-2019-19221-b74e4aa8",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1063.0,
            "function_hash": "15941912786800880371649172928636517809"
        },
        "target": {
            "function": "archive_wstring_append_from_mbs",
            "file": "libarchive/archive_string.c"
        },
        "signature_type": "Function",
        "source": "https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41"
    }
]