Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "bsdcpio", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "bsdcpio-dbgsym", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "bsdtar", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "bsdtar-dbgsym", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "libarchive-dev", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "libarchive13", "binary_version": "3.1.2-7ubuntu2.4" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.1.2-7ubuntu2.4" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "bsdcpio", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "bsdcpio-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "bsdtar", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "bsdtar-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "libarchive-dev", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "libarchive13", "binary_version": "3.1.2-11ubuntu0.16.04.3" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.3" } ] }