Vulnerability Details : CVE-2016-5844
Potential exploit
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-5844
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
- cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5844
0.90%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5844
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2016-5844
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5844
-
http://www.securitytracker.com/id/1036173
libarchive Integer Overflow in Processing Files Lets Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-1850.html
RHSA-2016:1850 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Oracle Solaris Bulletin - July 2016Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3657
Debian -- Security Information -- DSA-3657-1 libarchive
-
http://rhn.redhat.com/errata/RHSA-2016-1844.html
RHSA-2016:1844 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html
Out of bounds read and signed integer overflow in libarchive | The Fuzzing ProjectExploit;Third Party Advisory
-
http://www.securityfocus.com/bid/91808
libarchive CVE-2016-5844 Denial Of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2016/06/24/4
oss-security - Re: Out of bounds read and signed integer overflow in libarchiveMailing List
-
https://github.com/libarchive/libarchive/issues/717
signed integer overflow in iso parser · Issue #717 · libarchive/libarchive · GitHubExploit
-
https://bugzilla.redhat.com/show_bug.cgi?id=1350280
1350280 – (CVE-2016-5844) CVE-2016-5844 libarchive: undefined behaviour (integer overflow) in iso parserIssue Tracking;Patch;Third Party Advisory;VDB Entry
-
https://security.gentoo.org/glsa/201701-03
libarchive: Multiple vulnerabilities (GLSA 201701-03) — Gentoo security
-
http://www.openwall.com/lists/oss-security/2016/06/23/6
oss-security - Out of bounds read and signed integer overflow in libarchiveMailing List
-
https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22
Issue 717: Fix integer overflow when computing location of volume de… · libarchive/libarchive@3ad08e0 · GitHubExploit
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Oracle Linux Bulletin - July 2016Third Party Advisory
Jump to