Home » News » Vulnerability in Libarchive Threatens Many Linux Distributions

Vulnerability in Libarchive Threatens Many Linux Distributions

In the summer this year, Google experts, using the ClusterFuzz and OSS-Fuzz tools, discovered a dangerous bug in the Libarchive library. This vulnerability in Libarchive threatens many Linux distributions.

The vulnerability impacts Libarchive, a library for reading and creating compressed files. It is a powerful all-in-one toolkit for working with archive files that also bundles other Linux/BSD utilities like tar, cpio, and cat, making it ideal for a wide variety of operations, and the reason it’s so widely adopted across operating systems.

Libarchive is included by default with Debian, Ubuntu, Gentoo, Arch Linux, FreeBSD, and NetBSD, and the vulnerability allows an attacker to execute arbitrary code on a vulnerable machine.

It is reported that Windows and macOS, which include the library, are not vulnerable.

“Thankfully, Windows and macOS, today’s two most popular operating systems are not impacted; otherwise, the bug would have caused major headaches to users all over the world”, — report ZDNet magazine journalists.

The bug received the identifier CVE-2019-18408. It allows an attacker to execute arbitrary code in the system using a specially created archive file. The problem can be exploited through a malicious file obtained from cybercriminals through local applications that use various components of Libarchive in their work.

Read also: Linux and FreeBSD TCP Stacks Revealed DoS Vulnerabilities

Information about the problem was released only recently, after the release of patches for Linux and FreeBSD. Vulnerability is already fixed in Libarchive version 3.4.0. Most Linux distributions have already fixed the problem.

“The list of vulnerable operating systems and software utilities that ship Libarchive is exhaustive, opening a huge attack surface for malicious threat actors”, — write ZDNet journalists.

GitHub has published a list of vulnerable operating systems and applications, which includes desktop and server operating systems, package managers, security utilities, file browsers and so on, including well-known names such as pkgutils, Pacman, CMake, Nautilus and Samba.

READ  PoC-code for vulnerability in Apache HTTP-server published on GitHub

At this stage, nothing is known about any public exploit code to test this vulnerability or about attempts to exploit it in the wild.

[Total: 0    Average: 0/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

RAT Trojan in WebEx Invitations

Criminals give links to RAT trojan in WebEx invitations

Information security specialist Alex Lanstein discovered an original vector for the distribution of the RAT …

Hacking tournament Pwn2Own Tokyo

Participants of the hacking tournament Pwn2Own Tokyo 2019 hacked Samsung Galaxy S10, Xiaomi Mi9, Amazon Echo and not only

The hacking tournament Pwn2Own Tokyo 2019, traditionally held as part of the PacSec conference and …

Leave a Reply