CVE-2018-1000878 — HIGH (8.8)

Q: How severe is CVE-2018-1000878?

CVE-2018-1000878 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-1000878?

Check the references section above for vendor advisories and patch information. Affected products include: Libarchive Libarchive, Debian Debian Linux, Canonical Ubuntu Linux, Fedoraproject Fedora, Opensuse Leap.

Vulnerability Description

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Libarchive	Libarchive	>= 3.1.0, < 3.4.0
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	14.04
Fedoraproject	Fedora	28
Opensuse	Leap	15.0
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Workstation	7.0

Related Weaknesses (CWE)

CWE-416

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00015.html
http://www.securityfocus.com/bid/106324Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2019:2298Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3698
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909PatchThird Party Advisory
https://github.com/libarchive/libarchive/pull/1105Third Party Advisory
https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504dbPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2018/12/msg00011.htmlThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://usn.ubuntu.com/3859-1/Third Party Advisory
https://www.debian.org/security/2018/dsa-4360Third Party Advisory

FAQ

What is CVE-2018-1000878?

CVE-2018-1000878 is a vulnerability with a CVSS score of 8.8 (HIGH). libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_fo...

How severe is CVE-2018-1000878?

CVE-2018-1000878 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-1000878?

Check the references section above for vendor advisories and patch information. Affected products include: Libarchive Libarchive, Debian Debian Linux, Canonical Ubuntu Linux, Fedoraproject Fedora, Opensuse Leap.