CVE-2016-4809

Priority
Description
The archive_read_format_cpio_read_header function in
archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote
attackers to cause a denial of service (application crash) via a CPIO
archive with a large symlink.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (3.1.2-7ubuntu2.3)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.1.2-11ubuntu0.16.04.2)
Patches:
Upstream:https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408
More Information

Updated: 2020-07-28 19:57:39 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)