CVE-2025-5915

Medium CVSS: 6.6

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.

Vendor

Libarchive

Product

Libarchive

CWE

CWE-122

Yayın Tarihi

2025-06-09 20:15:26

Güncelleme

2026-01-08 04:15:55

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-122 Libarchive MEDIUM Libarchive 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0

Benzer Kayıtlar

Medium

CVE-2025-60753

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c whe…

Low

CVE-2025-5916

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be trigge…

Low

CVE-2025-5917

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when ha…

Low

CVE-2025-5918

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped in…

High

CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data…

High

CVE-2024-48615

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pa…