CVE-2015-8934
MEDIUMSuse Linux Enterprise Desktop < 3.1.901a - Out-of-Bounds Read
Title source: ruleDescription
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
References (12)
Scores
CVSS v3
5.5
EPSS
0.0136
EPSS Percentile
79.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Classification
CWE
CWE-125
Status
published
Affected Products (9)
suse/linux_enterprise_desktop
suse/linux_enterprise_server
suse/linux_enterprise_software_development_kit
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
libarchive/libarchive
< 3.1.901a
n/a/n/a
Timeline
Published
Sep 20, 2016
Tracked Since
Feb 18, 2026