VDB
GCVE-110-MAGEIA-2020-127
GCVE-110-MAGEIA-2020-127
Advisory Published
The updated packages fix several issues including security vulnerabilities:
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c
has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call.
For example, bsdtar crashes via a crafted archive. (CVE-2019-19221)
archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to
unpack a RAR5 file with an invalid or corrupted header (such as a header
size of zero), leading to a SIGSEGV or possibly unspecified other impact.
(CVE-2020-9308)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libarchive | 3.4.0-1.1.mga7 (unaffected), 0 (affected), 0 (affected), 3.4.0-1.1.mga7 (unaffected) | — |
| Mageia | keeperrl | 0 (affected), 0.0.29-1.1.mga7 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.