Mageia 9: MGASA-2024-0363 Critical: libarchive heap-based issue

mageia

November 13, 2024

A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if ...

Summary

A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. (CVE-2024-20696)

References

- https://bugs.mageia.org/show_bug.cgi?id=33757

- https://lists.debian.org/debian-security-announce/2024/msg00220.html

- https://www.cve.org/CVERecord?id=CVE-2024-20696

Topics Covered

security advisory execution risk compression library libarchive heap-based issue Mageia

Resolution

SRPMS

- 9/core/libarchive-3.6.2-5.3.mga9

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 13 Nov 2024

URL: https://advisories.mageia.org/MGASA-2024-0363.html

Type: security

CVE: CVE-2024-20696

Topics Covered

security advisory execution risk compression library libarchive heap-based issue Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9: MGASA-2024-0363 Critical: libarchive heap-based issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9: MGASA-2024-0363 Critical: libarchive heap-based issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!