Microsoft Windows: CVE-2021-36976: Libarchive Remote Code Execution Vulnerability
4
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
01/11/2022
01/17/2022
01/11/2022
04/30/2024
Description
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
Solution(s)
- microsoft-windows-windows_11-21h2-kb5009566
- msft-kb5009543-2d080c58-2ca6-466a-a2ae-aba33014fcab
- msft-kb5009543-5e2e3298-8152-4367-8018-784369abb2ea
- msft-kb5009543-8f2cdb3e-53cc-48a4-b2c3-220c4da08157
- msft-kb5009543-a5803982-12d4-4fe3-8b26-22b1dad96181
- msft-kb5009543-b3e0a05d-e0b8-49f8-876a-6621957bbacc
- msft-kb5009543-c9240667-c3d9-4ba0-8a4e-e258473f7b73
- msft-kb5009543-e6a7130f-f52b-4ae1-bd76-f4d96045c0e6
- msft-kb5009545-31934dbe-1363-4af1-9ffd-5efc1cc3c1d6
- msft-kb5009545-92c58401-7a51-4e9d-9457-ca1a93c3e3d9
- msft-kb5009555-6b9c3ec5-e656-420c-bfb0-dbd2eb647b64
- msft-kb5009557-1794af4e-486f-4653-a3eb-f470bfc1af29
- msft-kb5009557-3a327fb5-9867-4a70-abeb-833f92046dc1
- msft-kb5009557-e99746d1-ca30-47a2-9e21-766d4bf642c7
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center