Mageia 2022-0453: libarchive security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
MGASA-2022-0453 - Updated libarchive packages fix security vulnerability

Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0453.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-36227

In libarchive 3.6.1, the software does not check for an error after
calling calloc function that can return with a NULL pointer if the
function fails, which leads to a resultant NULL pointer dereference.
(CVE-2022-36227)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31179
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/013094.html
- https://lists.opensuse.org/archives/list/[email protected]/thread/N4XUJQ5ZT6HWNXMENJI7BA5SJHZCQSOO/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36227

SRPMS:
- 8/core/libarchive-3.6.1-1.1.mga8

Mageia 2022-0453: libarchive security update

In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NU...

Summary

In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. (CVE-2022-36227)

References

- https://bugs.mageia.org/show_bug.cgi?id=31179

- https://lists.suse.com/pipermail/sle-security-updates/2022-November/013094.html

- https://lists.opensuse.org/archives/list/[email protected]/thread/N4XUJQ5ZT6HWNXMENJI7BA5SJHZCQSOO/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36227

Resolution

MGASA-2022-0453 - Updated libarchive packages fix security vulnerability

SRPMS

- 8/core/libarchive-3.6.1-1.1.mga8

Severity
Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0453.html
Type: security
CVE: CVE-2022-36227

News

Advisories

HOWTOs

Features

How to Check if Your Linux System is Infected with a Virus
Security Considerations for Azure Linux & Windows Subsystem for Linux Users
Admins Receive Automated Linux Patch Management & Improved Security with ManageEngine Endpoint Central
Linux Malware: The Truth About This Growing Threat [Updated]
How Physical Security Blends With Cybersecurity

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy