Bugzilla – Bug 1155079
VUL-1: CVE-2019-18408: libarchive: use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol
Last modified: 2020-07-10 13:35:47 UTC
CVE-2019-18408 archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18408 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14689 http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18408.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18408 https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60 https://github.com/libarchive/libarchive/compare/v3.3.3...v3.4.0
Judging from the patch [1] both SLE12 and SLE15 seem affected. The version in Factory is 3.4.0 which already ships the fixed version. [1] https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60
submissions to fix SLE 11, 12 and 15 are in requests 203990, 203989 and 203991 . reassigning to security team.
Bsdtar 2.5.5 in SLE 11 is not affected by this bug. The vulnerable code is not present there. (RAR support was added in version 3.0 / git commit 099075c11ce9143f7375ed4b1264a10a45a072f9.)
SUSE-SU-2019:3093-1: An update that fixes 5 vulnerabilities is now available. Category: security (moderate) Bug References: 1120653,1120654,1124341,1124342,1155079 CVE References: CVE-2018-1000877,CVE-2018-1000878,CVE-2019-1000019,CVE-2019-1000020,CVE-2019-18408 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): libarchive-3.3.2-3.11.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): libarchive-3.3.2-3.11.1 SUSE Linux Enterprise Module for Development Tools 15 (src): libarchive-3.3.2-3.11.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): libarchive-3.3.2-3.11.1 SUSE Linux Enterprise Module for Basesystem 15 (src): libarchive-3.3.2-3.11.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:3092-1: An update that fixes 10 vulnerabilities is now available. Category: security (moderate) Bug References: 1032089,1037008,1037009,1059134,1059139,1120653,1120654,1124341,1124342,1155079 CVE References: CVE-2016-10209,CVE-2016-10349,CVE-2016-10350,CVE-2017-14501,CVE-2017-14502,CVE-2018-1000877,CVE-2018-1000878,CVE-2019-1000019,CVE-2019-1000020,CVE-2019-18408 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): libarchive-3.1.2-26.6.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): libarchive-3.1.2-26.6.1 SUSE Linux Enterprise Server 12-SP5 (src): libarchive-3.1.2-26.6.1 SUSE Linux Enterprise Server 12-SP4 (src): libarchive-3.1.2-26.6.1 SUSE Linux Enterprise Desktop 12-SP4 (src): libarchive-3.1.2-26.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:2615-1: An update that fixes 5 vulnerabilities is now available. Category: security (moderate) Bug References: 1120653,1120654,1124341,1124342,1155079 CVE References: CVE-2018-1000877,CVE-2018-1000878,CVE-2019-1000019,CVE-2019-1000020,CVE-2019-18408 Sources used: openSUSE Leap 15.0 (src): libarchive-3.3.2-lp150.10.1
openSUSE-SU-2019:2632-1: An update that fixes 5 vulnerabilities is now available. Category: security (moderate) Bug References: 1120653,1120654,1124341,1124342,1155079 CVE References: CVE-2018-1000877,CVE-2018-1000878,CVE-2019-1000019,CVE-2019-1000020,CVE-2019-18408 Sources used: openSUSE Leap 15.1 (src): libarchive-3.3.2-lp151.5.3.1
Done