OSV-2020-461

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2020-461.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-461

Published

2020-07-01T00:00:10.823501Z

Modified

2022-04-13T03:04:41.205848Z

Summary

Index-out-of-bounds in parse_file_extra_owner

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14393

Crash type: Index-out-of-bounds
Crash state:
parse_file_extra_owner
process_head_file_extra
process_head_file

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14393

Affected packages

OSS-Fuzz / libarchive

Package

Name: libarchive
Purl: pkg:generic/libarchive

Affected ranges

Type: GIT
Repo: https://github.com/libarchive/libarchive.git
Events: Introduced

e5ade325a7d97772e91444332b4f7d3cfaab24d7

Fixed

ba641f73f3d758d9032b3f0e5597a9c6e593a505

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "660802fa971274258a91be9a239b7528983e2f81:64e68f2034e6c5c6fd20d6b274b67fbdb88c3804",
    "fixed_range": "7b3068c4bf7a217a1838db280072653197d30012:ba641f73f3d758d9032b3f0e5597a9c6e593a505"
}