
Google experts found a flaw, tracked as CVE-2019-18408, in the compression library libarchive could lead to arbitrary code execution.
Google experts found a vulnerability, tracked as CVE-2019-18408, in the compression library
The
Several operating system
Both Windows and
The CVE-2019-18408 vulnerability is a use-after-free issue that could be exploited to cause a denial of service condition, and potentially to execute arbitrary code. The vulnerability could be exploited by tricking the victim into opening a specially-crafted malformed archive.
Google researchers discovered the CVE-2019-18408 vulnerability via OSS-Fuzz.
“archive_read_format_rar_read_data in archive_read_support_format_rar
The vulnerability has been already patched with the release of the version 3.4.0.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – libarchive, malware)
[adrotate banner=”5″]
[adrotate banner=”13″]



