CVE-2024-48958: 
NixOS vulnerability analysis and mitigation

CVE-2024-48958 affects libarchive versions before 3.7.5, specifically in the executefilterdelta function within archivereadsupportformatrar.c. The vulnerability was discovered and disclosed in October 2024, impacting systems using libarchive for handling archive files (NVD, Ubuntu).

The vulnerability is classified as an out-of-bounds access issue (CWE-125) in the executefilterdelta function, where the source pointer (src) can move beyond the destination pointer (dst) when processing crafted archive files. The vulnerability has received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD, Ubuntu).

The vulnerability can lead to high impacts on confidentiality, integrity, and availability of affected systems when exploited. The out-of-bounds access could potentially allow attackers to read sensitive information from memory or cause system crashes (Ubuntu).

The vulnerability has been fixed in libarchive version 3.7.5. Various Linux distributions have released security updates to address this issue, including Ubuntu 24.04 LTS (noble) with version 3.7.2-2ubuntu0.2 and Ubuntu 22.04 LTS (jammy) with version 3.6.0-1ubuntu1.2. Users are advised to update to the patched versions (Ubuntu, Debian).