Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libarchive 代码问题漏洞
Vulnerability Description
libarchive是一款多格式存档和压缩库。 libarchive 3.6.1版本存在代码问题漏洞,该漏洞源于在调用calloc函数后不会检查错误,如果函数失败,calloc函数会返回NULL指针,从而导致NULL指针取消引用。攻击者利用该漏洞可以执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A