
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2021-36976 is a use-after-free vulnerability discovered in libarchive versions 3.4.1 through 3.5.1. The vulnerability specifically affects the copy_string function when called from the do_uncompress_block and process_block functions. The issue was first published on March 25, 2021, and has since been patched in multiple versions of the software (OSS-Fuzz).
The vulnerability is classified as a heap-use-after-free issue that occurs during read operations in the copy_string function. The bug was discovered through OSS-Fuzz testing and was assigned a HIGH severity rating. The vulnerability affects multiple versions of libarchive, including v3.4.1 through v3.5.1 (OSS-Fuzz).
The vulnerability could lead to multiple memory corruption issues in libarchive, potentially resulting in arbitrary code execution or application crashes. The issue affects various systems and applications that utilize libarchive, including Apple's iOS, iPadOS, macOS, and watchOS operating systems (Apple HT213182, Apple HT213183, Apple HT213193).
Multiple vendors have released patches to address this vulnerability. Apple has included fixes in iOS 15.4, iPadOS 15.4, macOS Monterey 12.3, and watchOS 8.5. Fedora has released version 3.5.3-1 for Fedora 35, and Gentoo has patched the issue in version 3.6.1 (Fedora Update, Gentoo GLSA).
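The following is an added example, not part of the original report or of libarchive: it classifies version banners against the affected range stated above (3.4.1 through 3.5.1). It assumes the banner contains "libarchive X.Y.Z", as in the output of `bsdtar --version`; the host names and banners are constructed sample data.

```python
import re

# Affected upstream range as stated on this page: 3.4.1 through 3.5.1.
AFFECTED_MIN = (3, 4, 1)
AFFECTED_MAX = (3, 5, 1)

# Matches "libarchive X.Y.Z" plus an optional suffix such as "dev".
_BANNER_RE = re.compile(r"\blibarchive\s+(\d+)\.(\d+)\.(\d+)([A-Za-z]\w*)?")


def libarchive_version(banner):
    """Return ((major, minor, patch), suffix) from a version banner, or None."""
    m = _BANNER_RE.search(banner)
    if m is None:
        return None
    return tuple(int(p) for p in m.group(1, 2, 3)), m.group(4) or ""


def classify(banner):
    """Map one banner to 'affected', 'outside_range' or 'unknown'."""
    parsed = libarchive_version(banner)
    if parsed is None:
        return "unknown"  # no libarchive version found in the banner
    version, suffix = parsed
    if suffix:
        return "unknown"  # development snapshot, cannot be mapped to a release
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        # A vendor package may carry a backported fix the banner does not
        # show, so confirm hits against the vendor's own advisory.
        return "affected"
    return "outside_range"


def triage(inventory):
    """Classify every host in a {host: banner} mapping."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hypothetical hosts, made-up banners).
SAMPLE = {
    "build-01": "bsdtar 3.5.1 - libarchive 3.5.1 zlib/1.2.11 liblzma/5.2.5",
    "build-02": "bsdtar 3.6.1 - libarchive 3.6.1 zlib/1.2.12",
    "build-03": "bsdtar 3.4.0 - libarchive 3.4.0 zlib/1.2.11",
    "build-04": "bsdtar 3.5.2dev - libarchive 3.5.2dev zlib/1.2.11",
    "build-05": "tar (GNU tar) 1.34",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" need a manual check, since either no libarchive version was found or the build is a development snapshot.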
Source: This report was generated using AI