CVE-2016-8689 affects libarchive 3.2.1 and can let a remote attacker crash a process that parses a specially crafted 7zip archive. NVD describes the flaw as an out-of-bounds read in read_Header() inside archive_read_support_format_7zip.c, with the impact limited to denial of service. Because the trigger is a malformed archive, the risk is highest for applications and services that accept untrusted archive [truncated]
CVE-2016-8688 is a denial-of-service flaw in libarchive’s mtree support. When the mtree bidder extends read-ahead without tracking line sizes correctly, crafted archive content can trigger an invalid read in detect_form or bid_entry and crash the process. The NVD record rates this as a medium-severity availability issue and lists affected libarchive 3.2.1 deployments, with distribution advisories and an u [truncated]
