CVE-2015-8920
MEDIUMNovell Suse Linux Enterprise Software... - Out-of-Bounds Read
Title source: ruleDescription
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
References (12)
Scores
CVSS v3
5.5
EPSS
0.0056
EPSS Percentile
67.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Classification
CWE
CWE-125
Status
published
Affected Products (9)
novell/suse_linux_enterprise_software_development_kit
novell/suse_linux_enterprise_desktop
novell/suse_linux_enterprise_server
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
libarchive/libarchive
< 3.1.901a
n/a/n/a
Timeline
Published
Sep 20, 2016
Tracked Since
Feb 18, 2026