packages/libarchive
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2024-26256 CVE-2024-43495

Browse Source
This commit is contained in:
lingsheng 2024-09-19 02:28:46 +00:00
parent 7a5cb65884
commit 9951af39e9
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-CVE-2024-26256-CVE-2024-43495.patch Normal file
View File

@ -0,0 +1,33 @@
From b7b0c7c4379531206a53634a12a02a8d45b28a2f Mon Sep 17 00:00:00 2001
From: terrynini <terrynini38514@gmail.com>
Date: Wed, 14 Aug 2024 16:01:21 +0800
Subject: [PATCH] Fix CVE-2024-26256 (#2269)
Opening a manipulated RAR archive could lead to remote code execution
Security: CVE-2024-26256
Co-authored-by: Timothy Lyanguzov <theta682@gmail.com>
---
libarchive/archive_read_support_format_rar.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
index fb7cfde7..f4dcb752 100644
--- a/libarchive/archive_read_support_format_rar.c
+++ b/libarchive/archive_read_support_format_rar.c
@@ -3428,6 +3428,12 @@ run_filters(struct archive_read *a)
return 0;
}
+ if (filter->blocklength > VM_MEMORY_SIZE)
+ {
+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, "Bad RAR file data");
+ return 0;
+ }
+
ret = copy_from_lzss_window(a, filters->vm->memory, start, filter->blocklength);
if (ret != ARCHIVE_OK)
return 0;
--
2.33.0

9
libarchive.spec
View File

@ -2,7 +2,7 @@
Name: libarchive Name: libarchive
Version: 3.7.1 Version: 3.7.1
Release: 3 Release: 4
Summary: Multi-format archive and compression library Summary: Multi-format archive and compression library
License: BSD License: BSD
URL: https://www.libarchive.org/ URL: https://www.libarchive.org/
@ -10,6 +10,7 @@ Source0: https://libarchive.org/downloads/%{name}-%{version}.tar.gz
Patch6000: backport-CVE-2024-20697-CVE-2024-26256.patch Patch6000: backport-CVE-2024-20697-CVE-2024-26256.patch
Patch6001: backport-CVE-2024-20696.patch Patch6001: backport-CVE-2024-20696.patch
Patch6002: backport-CVE-2024-26256-CVE-2024-43495.patch
BuildRequires: gcc bison sharutils zlib-devel bzip2-devel xz-devel BuildRequires: gcc bison sharutils zlib-devel bzip2-devel xz-devel
BuildRequires: lzo-devel e2fsprogs-devel libacl-devel libattr-devel BuildRequires: lzo-devel e2fsprogs-devel libacl-devel libattr-devel
@ -201,6 +202,12 @@ run_testsuite
%{_mandir}/*/bsdunzip* %{_mandir}/*/bsdunzip*
%changelog %changelog
* Thu Sep 19 2024 lingsheng <lingsheng1@h-partners.com> - 3.7.1-4
- Type:CVE
- ID:CVE-2024-26256,CVE-2024-43495
- SUG:NA
- DESC:fix CVE-2024-26256 CVE-2024-43495
* Thu Jun 06 2024 lingsheng <lingsheng1@h-partners.com> - 3.7.1-3 * Thu Jun 06 2024 lingsheng <lingsheng1@h-partners.com> - 3.7.1-3
- Type:CVE - Type:CVE
- ID:CVE-2024-20696 - ID:CVE-2024-20696