[3.5] libarchive: Out of bounds read in lha_read_file_header_1() function (CVE-2017-5601)
The vulnerability is caused due to an error in the
(archive_read_support_format_lha.c), which can be exploited to trigger
an out-of-bounds read memory access via a specially crafted archive.
libarchive version 3.2.2.
Other versions may also be affected.
(from redmine: issue id 6791, created on 2017-02-01, closed on 2017-02-02)
- parent #6789 (closed)
- Revision 238237da by Sergei Lukin on 2017-02-01T13:19:51Z:
main/libarchive: security fixes #6791 CVE-2017-5601: Out of bounds read in lha_read_file_header_1() function