This issue could be exploited via the ‘zip’ extension to read arbitrary files on the local system. Libarchive v3.6.0 was discovered to contain a buffer overflow via the component zipx_lzma_alone_init.

This could be exploited to cause a denial-of-service condition. Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_unzip_read.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.6.0 was discovered to contain a use-after-free via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.6.0 was discovered to contain a memory leak via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.6.0 was discovered to contain a memory leak via the component zipx_unzip_read.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.6.0 was discovered to contain a memory leak via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.6.

Libarchive v4.0.0

This issue could be exploited to cause a denial-of-service condition. Libarchive v4.0.0 was discovered to contain an out-of-bounds read via the component zipx_unzip_read.

This issue could be exploited to cause a denial-of-service condition. Libarchive v4.0.0 was discovered to contain a use-after-free via the component zipx_unzip_read.

This issue could be exploited to cause a denial-of-service condition. Libarchive v4.0.0 was discovered to contain a memory leak via the component zipx_lzma_init.

Libarchive v3.7.0

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.7.0 was discovered to contain an out-of-bounds read via the component zipx_unzip_read.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.7.0 was discovered to contain a use-after-free via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.7.0 was discovered to contain a memory leak via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.7.0 was discovered to contain a memory leak via the component zipx_unzip_read

Libarchive 3.6.1 Released:

Libarchive 3.6.1 has been released to address the following vulnerabilities:
CVE-2022-26280 - An issue that could be exploited via the ‘zip’ extension to read arbitrary files on the local system.
CVE-2022-26229 - An issue that could be exploited to cause a denial-of-service condition.
CVE-2022-26235 - Memory leak in Libarchive v3.6.0, which could be exploited to cause a denial-of-service condition.
CVE-2022-26236 - Out of bounds read in Libarchive v3.6.0, which could be exploited to cause a denial-of-service condition.

Libarchive v3.5.0 (CVE-2016-10336, CVE-2016-10337, CVE-2016-10338)

Vulnerabilities in libarchive 3.5.0
Libarchive v3.5.0 was discovered to contain a heap overflow via the component zipx_lzma_init.

This issue could be exploited to cause a denial-of-service condition. Libarchive v3.5.0 was discovered to contain an out-of-bounds read via the component zipx_unzip_read.

Mitigation

Microsoft has released a security update to address this vulnerability. Microsoft recommends the following changes to mitigate the vulnerability:
-Apply Microsoft security update MS16-134
-Disable the 'zip' extension on your system or restrict it to trusted locations
-Configure your anti-virus software or other third party applications to scan for malicious zip files

Timeline

Published on: 03/28/2022 22:15:00 UTC
Last modified on: 08/15/2022 11:18:00 UTC

References