Vulnerability Note VU#970849

libarchive does not properly terminate loop

Overview

libarchive contains a vulnerability that may allow an attacker to cause a denial of service.

I. Description

The libarchive library provides an interface for reading and writing archive files.

There is a vulnerability in libarchive that occurs when it parses the pax interchange format. If an archive prematurely ends within a pax extension, libarchive may enter an infinite loop.

II. Impact

A remote, unauthenitcated attacker may be able to cause a denial of service condition.

III. Solution

Upgrade

Multiple operating system vendors have released an update to address this issue. Administrators should the systems affected portion of this document for more information.

Systems Affected

Vendor	Status	Date Updated
Debian GNU/Linux	Vulnerable	20-Mar-2008
FreeBSD, Inc.	Vulnerable	20-Mar-2008
Gentoo Linux	Vulnerable	20-Mar-2008
SUSE Linux	Vulnerable	20-Mar-2008

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3644
https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
http://people.freebsd.org/~kientzle/libarchive/

Credit

Theanks to CERT-FI and CPNI for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

Date Public	07/12/2007
Date First Published	03/20/2008 03:51:18 PM
Date Last Updated	03/20/2008
CERT Advisory
CVE Name	CVE-2007-3644
US-CERT Technical Alerts
Metric	1.35
Document Revision	7

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information

Get Adobe Reader