- Description: libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
- Source: cve@mitre.org
- NVD status: Received
CVSS 3.1
- Type: Secondary
- Base score: 4
- Impact score: 1.4
- Exploitability score: 2.5
- Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Severity: MEDIUM
- cve@mitre.org: CWE-126
New post from https://t.co/uXvPWJy6tj (CVE-2024-57970 | libarchive up to 3.7.7 TAR Archive archive_read_support_format_tar.c header_gnu_longlink buffer over-read (Issue 2415)) has been published on https://t.co/w2gUjeW6tE
@WolfgangSesin
16 Feb 2025
CVE-2024-57970 libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncat… https://t.co/83z7i9rD5N
@CVEnew
16 Feb 2025