CVE-2016-5418

Published: 21 September 2016

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.

Priority

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package	Release	Status
libarchive Launchpad, Ubuntu, Debian	precise	Released (3.0.3-6ubuntu1.4)
	trusty	Released (3.1.2-7ubuntu2.4)
	upstream	Released (3.2.1-4)
	xenial	Released (3.1.2-11ubuntu0.16.04.3)
	yakkety	Released (3.2.1-2ubuntu0.1)
	Patches: upstream: https://github.com/libarchive/libarchive/commit/1fa9c7bf90f0862036a99896b0501c381584451a upstream: https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9 upstream: https://github.com/libarchive/libarchive/commit/063ea3ea3fcb569a380b2ebe9c9ddd8bd6ce0d49 upstream: https://github.com/libarchive/libarchive/commit/50952acd22df3326c49771f5e5ba48630899468c upstream: https://github.com/libarchive/libarchive/commit/dc1882e4ab48c3b1c11a596e9f577c43a5592dfb distro: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3 distro: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3

Severity score breakdown

Parameter	Value
Base score	7.5
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	High
Availability impact	None
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837714

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›