CVE-2016-2335

Priority
Description
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20
and 15.05 beta and p7zip allows remote attackers to cause a denial of
service (out-of-bounds read) or execute arbitrary code via the PartitionRef
field in the Long Allocation Descriptor in a UDF file.
Notes
Package
Source: p7zip (LP Ubuntu Debian)
Upstream:released (15.14.1+dfsg-2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [9.20.1~dfsg.1-4+deb7u2build0.12.04.1])
Ubuntu 14.04 ESM (Trusty Tahr):released (9.20.1~dfsg.1-4+deb7u2build0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (9.20.1~dfsg.1-4.2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (15.14.1+dfsg-2)
More Information

Updated: 2020-07-28 19:56:47 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)