CVEs-PoC/2015/CVE-2015-8916.md at ef21a24366f7bbc1220842143b6857a7549ce607

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-26 20:40:27 +01:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

POC

Reference

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.ubuntu.com/usn/USN-3033-1
https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html

Github

https://github.com/mrash/afl-cve

901 B Raw Blame History

CVE-2015-8916

Description

POC

Reference

Github

901 B

Raw Blame History