HomeSuseCVE-2015-8934

CVE-2015-8934

MEDIUM
5.5CVSS
Published: 2016-09-20
Updated: 2025-04-12
AI Analysis

Description

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

CVSS Metrics

Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
local
Complexity
low
Privileges
none
User Action
required
Scope
unchanged
Confidentiality
none
Integrity
none
Availability
high
Weaknesses
CWE-125

Metadata

Primary Vendor
SUSE
Published
9/20/2016
Last Modified
4/12/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

suse : linux_enterprise_desktopsuse : linux_enterprise_serversuse : linux_enterprise_software_development_kitcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxlibarchive : libarchive

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2015-8934 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com