CVE-2024-26256
Libarchive Remote Code Execution Vulnerability
In short
Libarchive, a library used to extract files from compressed archives, has a vulnerability that allows attackers to run malicious code on your computer by crafting a specially designed archive file. When you extract this malicious archive, the attacker's code executes with the same privileges as your application.
Technical detail
A buffer overflow vulnerability (CWE-122) in libarchive's archive extraction routine allows remote code execution when processing specially crafted archive files. The attack vector requires user interaction to extract a malicious archive; successful exploitation grants arbitrary code execution in the context of the vulnerable application.
Summary generated and translated by AI from the official description.
Libarchive Remote Code Execution Vulnerability
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Windows 11 version 22H2Microsoft · Windows 11 version 22H3Microsoft · Windows 11 Version 23H2Microsoft · Windows Server 2022, 23H2 Edition (Server Core installation)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/LeSuisse/nixpkgs/commit/81b82a2934521dffef76f7ca305d8d4e22fe7262https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237.patchhttps://github.com/libarchive/libarchive/releases/tag/v3.7.4https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWANFZ6NEMXFCALXWI2AFKYBOLONAVFC/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TWAMR5TY47UKVYMWQXB34CWSBNTRYMBV/https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256https://www.openwall.com/lists/oss-security/2024/06/04/2http://www.openwall.com/lists/oss-security/2024/06/04/2http://www.openwall.com/lists/oss-security/2024/06/05/1