CVE-2016-9296

A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
7-zipp7zip
16.02
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
p7zip
bookworm
16.02+dfsg-8
fixed
bullseye
16.02+dfsg-8
fixed
jessie
not-affected
sid
16.02+transitional.1
fixed
trixie
16.02+transitional.1
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
p7zip
artful
ignored
bionic
not-affected
precise
ignored
trusty
not-affected
xenial
not-affected
yakkety
ignored
zesty
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
p7zip
suse enterprise desktop 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise desktop 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise desktop 15 SP7
16.02-150200.14.12.1
fixed
suse enterprise sap 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise sap 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise sap 15 SP7
16.02-150200.14.12.1
fixed
suse enterprise server 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise server 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise server 15 SP7
16.02-150200.14.12.1
fixed
p7zip-full
suse enterprise desktop 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise desktop 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise desktop 15 SP7
16.02-150200.14.12.1
fixed
suse enterprise sap 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise sap 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise sap 15 SP7
16.02-150200.14.12.1
fixed
suse enterprise server 15 SP5
16.02-150200.14.9.2
fixed
suse enterprise server 15 SP6
16.02-150200.14.9.2
fixed
suse enterprise server 15 SP7
16.02-150200.14.12.1
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94294
https://github.com/yangke/7zip-null-pointer-dereference
https://sourceforge.net/p/p7zip/bugs/185/
https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/
http://www.securityfocus.com/bid/94294
https://github.com/yangke/7zip-null-pointer-dereference
https://sourceforge.net/p/p7zip/bugs/185/
https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/