Skip to main content

Long Range Zip CVE-2017-8846

MEDIUM
Use After Free (CWE-416)
2017-05-08 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 08, 2017 - 14:29 cve.org
MEDIUM 5.5

DescriptionCVE.org

The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.

AnalysisAI

The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Technical ContextAI

This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. Affected products include: Long Range Zip Project Long Range Zip, Debian Debian Linux.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.

CVE-2018-10685 CRITICAL POC
9.8 May 02

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which al

CVE-2018-11496 MEDIUM POC
6.5 May 26

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lr

CVE-2023-39741 MEDIUM POC
5.5 Aug 17

lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/l

CVE-2022-33067 MEDIUM POC
5.5 Jun 23

Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magic in lrzip.c and Pre

CVE-2022-26291 MEDIUM POC
5.5 Mar 28

lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf()

CVE-2021-27347 MEDIUM POC
5.5 Jun 10

Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (D

CVE-2021-27345 MEDIUM POC
5.5 Jun 10

A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a de

CVE-2019-10654 MEDIUM POC
5.5 Mar 30

The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote at

CVE-2018-9058 MEDIUM POC
5.5 Mar 27

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c. Rated medium sever

CVE-2018-5786 MEDIUM POC
5.5 Jan 19

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.

CVE-2018-5747 MEDIUM POC
5.5 Jan 17

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Rated medium seve

CVE-2018-5650 MEDIUM POC
5.5 Jan 12

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzi

Share

CVE-2017-8846 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy