vulnerability
FreeBSD: VID-1a71a972-8ee7-11e6-a590-14dae9d210b8: FreeBSD -- Multiple libarchive vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:C/I:C/A:N) | Oct 10, 2016 | Nov 14, 2016 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:N)
Published
Oct 10, 2016
Added
Nov 14, 2016
Modified
Dec 10, 2025
Description
Problem Description: Flaws in libarchive's handling of symlinks and hard links allow overwriting files outside the extraction directory, or permission changes to a directory outside the extraction directory. Impact: An attacker who can control freebsd-update's or portsnap's input to tar(1) can change file content or permissions on files outside of the update tool's working sandbox.
Solutions
freebsd-upgrade-base-11_0-release-p1freebsd-upgrade-base-10_3-release-p10freebsd-upgrade-base-10_2-release-p23freebsd-upgrade-base-10_1-release-p40
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.