libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes, realloc with new_ ...