Vulnerability Details : CVE-2018-1000880
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2018-1000880
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1000880
0.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-1000880
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2018-1000880
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-1000880
-
https://www.debian.org/security/2018/dsa-4360
Debian -- Security Information -- DSA-4360-1 libarchiveThird Party Advisory
-
https://usn.ubuntu.com/3859-1/
USN-3859-1: libarchive vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/106324
Libarchive Multiple Denial Of Service VulnerabilitiesThird Party Advisory;VDB Entry
-
https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680
Fix various crash, memory corruption and infinite loop conditions by daxtens · Pull Request #1105 · libarchive/libarchive · GitHubPatch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/
[SECURITY] Fedora 30 Update: libarchive-3.3.3-6.fc30 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://github.com/libarchive/libarchive/pull/1105
Fix various crash, memory corruption and infinite loop conditions by daxtens · Pull Request #1105 · libarchive/libarchive · GitHubThird Party Advisory
-
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
Bug #1794909 “Memory corruption in RAR decoder” : Bugs : libarchive package : UbuntuPatch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/
[SECURITY] Fedora 28 Update: libarchive-3.3.3-6.fc28 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/
[SECURITY] Fedora 29 Update: libarchive-3.3.3-6.fc29 - package-announce - Fedora Mailing-ListsMailing List;Release Notes;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html
[security-announce] openSUSE-SU-2019:1196-1: moderate: Security update fMailing List;Third Party Advisory
Jump to