Your submission was sent successfully! Close

CVE-2021-36976

Published: 20 July 2021

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
libarchive
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal
Released (3.4.0-2ubuntu1.1)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish
Released (3.4.3-2ubuntu0.1)
jammy
Released (3.5.2-1ubuntu1)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)