OSV-2022-676

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2022-676.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-676
Published
2022-08-07T00:00:48.612696Z
Modified
2022-08-07T00:00:48.613055Z
Summary
Heap-use-after-free in archive_read_data
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49840

Crash type: Heap-use-after-free READ {*}
Crash state:
archive_read_data
libarchive_fuzzer.cc
process_head_file
References

Affected packages

OSS-Fuzz / libarchive

Package

Name
libarchive
Purl
pkg:generic/libarchive

Affected ranges

Type
GIT
Repo
https://github.com/libarchive/libarchive.git
Events
Introduced
2eb700495c4c384cde5c5d4c3e9b9d5d5ca674a8
Fixed
fa4b613f2e2510bd036f2eeed2fece97cd18b079

Ecosystem specific 

{
    "severity": "HIGH"
}