Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
{ "vanir_signatures": [ { "signature_version": "v1", "deprecated": false, "target": { "file": "libarchive/archive_read_support_format_7zip.c", "function": "read_SubStreamsInfo" }, "source": "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", "digest": { "length": 2649.0, "function_hash": "46239902704382672067472777073698420896" }, "signature_type": "Function", "id": "CVE-2016-4300-15650bc9" }, { "signature_version": "v1", "deprecated": false, "target": { "file": "libarchive/archive_read_support_format_7zip.c" }, "source": "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", "digest": { "line_hashes": [ "114121825398685049637523548521724163081", "158255184811572789911284109468266521732", "335493315037050148892950470981890599307", "209098857150887945768214746267601235406" ], "threshold": 0.9 }, "signature_type": "Line", "id": "CVE-2016-4300-dee1363a" } ] }