CVE-2021-36976
Summary
| CVE | CVE-2021-36976 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-07-20 07:15:00 UTC |
|---|
| Updated | 2024-03-27 16:04:00 UTC |
|---|
| Description | libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Full Disclosure: APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4 |
FULLDISC |
seclists.org |
|
| Full Disclosure: APPLE-SA-2022-03-14-4 macOS Monterey 12.3 |
FULLDISC |
seclists.org |
|
| oss-fuzz-vulns/OSV-2021-557.yaml at main · google/oss-fuzz-vulns · GitHub |
MISC |
github.com |
|
| 32375 -
oss-fuzz -
OSS-Fuzz: Fuzzing the planet -
Monorail |
MISC |
bugs.chromium.org |
|
| About the security content of watchOS 8.5 - Apple Support |
CONFIRM |
support.apple.com |
|
| About the security content of iOS 15.4 and iPadOS 15.4 - Apple Support |
CONFIRM |
support.apple.com |
|
| [SECURITY] Fedora 35 Update: libarchive-3.5.3-1.fc35 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| About the security content of macOS Monterey 12.3 - Apple Support (PH) |
CONFIRM |
support.apple.com |
|
| [SECURITY] Fedora 35 Update: libarchive-3.5.3-1.fc35 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| Full Disclosure: APPLE-SA-2022-03-14-2 watchOS 8.5 |
FULLDISC |
seclists.org |
|
| libarchive: Multiple Vulnerabilities (GLSA 202208-26) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 182946 Debian Security Update for libarchive (CVE-2021-36976)
- 198669 Ubuntu Security Notification for libarchive Vulnerabilities (USN-5291-1)
- 282426 Fedora Security Update for libarchive (FEDORA-2022-9bb794c5f5)
- 354321 Amazon Linux Security Advisory for libarchive : ALAS2022-2022-201
- 354419 Amazon Linux Security Advisory for libarchive : ALAS2022-2022-059
- 354576 Amazon Linux Security Advisory for libarchive : ALAS-2022-201
- 355173 Amazon Linux Security Advisory for libarchive : ALAS2023-2023-071
- 376485 Apple MacOS Monterey 12.3 Not Installed (HT213183)
- 376502 Cygwin libarchive Package Multiple Security Vulnerabilities
- 378599 Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)
- 378883 Splunk Enterprise August Third Party Package Updates (SVD-2023-0808)
- 501419 Alpine Linux Security Update for libarchive
- 501965 Alpine Linux Security Update for libarchive
- 504051 Alpine Linux Security Update for libarchive
- 610404 Apple iOS 15.4 and iPadOS 15.4 Security Update Missing
- 671195 EulerOS Security Update for libarchive (EulerOS-SA-2022-1011)
- 671221 EulerOS Security Update for libarchive (EulerOS-SA-2022-1031)
- 671320 EulerOS Security Update for libarchive (EulerOS-SA-2022-1256)
- 671331 EulerOS Security Update for libarchive (EulerOS-SA-2022-1244)
- 710601 Gentoo Linux libarchive Multiple Vulnerabilities (GLSA 202208-26)
- 751928 OpenSUSE Security Update for libarchive (openSUSE-SU-2022:0944-1)
- 752017 SUSE Enterprise Linux Security Update for libarchive (SUSE-SU-2022:0944-1)
- 752203 SUSE Enterprise Linux Security Update for libarchive (SUSE-SU-2022:1930-1)
- 753607 SUSE Enterprise Linux Security Update for libarchive (SUSE-SU-2022:0944-2)
- 900204 CBL-Mariner Linux Security Update for libarchive 3.4.2
- 901760 Common Base Linux Mariner (CBL-Mariner) Security Update for libarchive (6614-1)
- 903777 Common Base Linux Mariner (CBL-Mariner) Security Update for libarchive (4585-1)
- 91851 Microsoft Windows Security Update for January 2022
