CVE-2021-36976
20.07.2021, 07:15
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libarchive | libarchive | 3.4.1 ≤ 𝑥 ≤ 3.5.2 |
| apple | ipados | 𝑥 < 15.4 |
| apple | iphone_os | 𝑥 < 15.4 |
| apple | macos | 𝑥 < 12.3 |
| apple | watchos | 𝑥 < 8.5 |
| splunk | universal_forwarder | 8.2.0 ≤ 𝑥 < 8.2.12 |
| splunk | universal_forwarder | 9.0.0 ≤ 𝑥 < 9.0.6 |
| splunk | universal_forwarder | 9.1.0 |
𝑥
= Vulnerable software versions
Windows Releases
Platform | Version | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Windows 10 |
| ||||||||||
| Windows 11 |
| ||||||||||
| Windows Server |
| ||||||||||
| Windows Server 2019 |
| ||||||||||
| Windows Server 2022 |
|
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bsdtar |
| ||||||||||||||||||||||||||||||||
| libarchive-devel |
| ||||||||||||||||||||||||||||||||
| libarchive13 |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| bsdcat |
| ||
| bsdcat-debuginfo |
| ||
| bsdcpio |
| ||
| bsdcpio-debuginfo |
| ||
| bsdtar |
| ||
| bsdtar-debuginfo |
| ||
| libarchive |
| ||
| libarchive-debuginfo |
| ||
| libarchive-debugsource |
| ||
| libarchive-devel |
|
Azure Linux Releases
Common Weakness Enumeration
References