CVE-2025-5916

Low CVSS: 3.9

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.

Vendor

Libarchive

Product

Libarchive

CWE

CWE-190

Yayın Tarihi

2025-06-09 20:15:27

Güncelleme

2025-12-12 01:15:46

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-190 Libarchive LOW Libarchive 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0

Benzer Kayıtlar

Medium

CVE-2025-60753

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c whe…

Low

CVE-2025-5917

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when ha…

Low

CVE-2025-5918

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped in…

High

CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data…

Medium

CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the…

High

CVE-2024-48615

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pa…