VDB

GCVE-110-MAGEIA-2020-127

GCVE-110-MAGEIA-2020-127
Advisory Published
Vulnetix · Advisory published March 6, 2020
The updated packages fix several issues including security vulnerabilities: In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. (CVE-2019-19221) archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. (CVE-2020-9308)

Affected Products

VendorProductVersionsPlatforms
Mageialibarchive3.4.0-1.1.mga7 (unaffected), 0 (affected), 0 (affected), 3.4.0-1.1.mga7 (unaffected)
Mageiakeeperrl0 (affected), 0.0.29-1.1.mga7 (unaffected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›