VDB

GCVE-VVD-MAGEIA-2019-30

GCVE-VVD-MAGEIA-2019-30
Advisory Published
Vulnetix · Advisory published May 12, 2019
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header (CVE-2017-14502). Multiple security issues were found in libarchive: Processing malformed RAR archives could result in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service (CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000879, CVE-2018-1000880).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiabluez0 (affected), 5.45-2.3.mga6 (unaffected)
Mageialibarchive0 (affected), 3.3.1-1.4.mga6 (unaffected), 0 (affected), 3.3.1-1.4.mga6 (unaffected)

Aliases

CVE-2018-1000879CVE-2018-1000880CVE-2017-14502

Transitive aliases

OPENSUSE-SU-2019:1196-1EUVD-2018-2056OPENSUSE-SU-2024:10925-1BDU:2019-00927EUVD-2018-2057BDU:2020-01816SUSE-SU-2019:0831-1GSD-2018-1000879GHSA-vg7w-5p64-2q65BDU:2019-00929EUVD-2017-6004WID-SEC-W-2024-2070CNVD-2019-07064GHSA-7pgj-273w-w98jGHSA-w2pg-4hrq-9q8x

References

Updated libarchive packages fix security vulnerabilities
advisory
Updated libarchive packages fix security vulnerabilities
advisory
Updated libarchive packages fix security vulnerabilities
issue
Updated libarchive packages fix security vulnerabilities
issue
Updated bluez packages fix starting obexd service
advisory
Updated bluez packages fix starting obexd service
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›