USN-2981-1 libarchive vulnerabilities

Severity

Medium

Vendor

Libarchive, Canonical Ubuntu

Versions Affected

Ubuntu 14.04 LTS

Description

It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1541)

Affected Products and Versions

Severity is medium unless otherwise noted.

All versions of Cloud Foundry cflinuxfs2 prior to v.1.58.0

Mitigation

Users of affected versions should apply the following mitigation:

The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.58.0 or later versions

References

http://www.ubuntu.com/usn/usn-2981-1/
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1541.html

USN-2981-1 libarchive vulnerabilities

Severity

Vendor

Versions Affected

Description

Affected Products and Versions

Mitigation

References

You Might Also Like

CVE-2021-22115: CAPI logs service broker credentials

USN-3808-1: Ruby vulnerabilities

CVE-2019-3798: Escalation of Privileges in Cloud Controller

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!