CVE-2016-2335: Improper Restriction of Operations within the Bounds of a Memory Buffer in P7zip

Severity: 8.8 HIGH (NVD)
EPSS: 2.1% (top 16.10%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 7; Latest update May 14

Description

The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (4 packages)

Debian: debian/p7zip < p7zip 15.14.1+dfsg-2 (bookworm)
Debian: 7-zip/p7zip < 15.14.1+dfsg-2+2
NVD: 7-zip/7-zip 15.05, 9.20+1

Also affects: Debian Linux 8.0, 9.0

Vulnerability Details (2)

GHSA: GHSA-p2xg-m23c-2mm9: The CInArchive::ReadFileItem method in Archive/Udf/UdfIn (2022-05-14)
OSV: CVE-2016-2335: The CInArchive::ReadFileItem method in Archive/Udf/UdfIn (2016-06-07)

Vendor Advisories (2)

Ubuntu: P7ZIP vulnerabilities (2019-03-21)
Debian: CVE-2016-2335: p7zip - The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15... (2016)

Threat Intelligence (1)

Talos: Multiple 7-Zip Vulnerabilities Discovered by Talos (2016-05-11)

Community (3)

Bugzilla: CVE-2016-2334 CVE-2016-2335 p7zip: various flaws [fedora-all] (2016-05-12)
Bugzilla: CVE-2016-2334 CVE-2016-2335 p7zip: various flaws [epel-all] (2016-05-12)
Bugzilla: CVE-2016-2335 p7zip: Out-of-bounds read vulnerability (2016-05-12)
CVE-2016-2335 — Debian P7zip vulnerability | cvebase