Wind River Support Network

HomeDefectsLIN7-6831

Fixed

LIN7-6831 : Security Advisory - libarchive - CVE-2015-8916

Created: Sep 22, 2016 Updated: Sep 8, 2018

Resolved Date: Nov 21, 2016

Found In Version: 7.0

Fix Version: 7.0.0.22

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a split file in multivolume RAR, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8916

Other Downloads

Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-8916