Skip to main content

Libarchive CVE-2025-5917

| EUVDEUVD-2025-17574 MEDIUM
Out-of-bounds Write (CWE-787)
2025-06-09 secalert@redhat.com
5.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
qualitative
SUSE
2.8 MEDIUM
AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Red Hat
2.8 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Severity Changed
Jun 25, 2026 - 08:22 NVD
LOW MEDIUM
CVSS changed
Jun 25, 2026 - 08:22 NVD
2.8 (LOW) 5.0 (MEDIUM)
EUVD ID Assigned
Mar 14, 2026 - 19:21 euvd
EUVD-2025-17574
Analysis Generated
Mar 14, 2026 - 19:21 vuln.today
Patch released
Mar 14, 2026 - 19:21 nvd
Patch available
CVE Published
Jun 09, 2025 - 20:15 nvd
LOW 2.8

DescriptionNVD

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.

Analysis

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.

CVE-2024-37407 CRITICAL POC
9.1 Jun 08

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enable

CVE-2016-5418 HIGH POC
7.5 Sep 21

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which mig

CVE-2016-4301 HIGH POC
7.8 Sep 21

Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2

CVE-2016-4302 HIGH POC
7.8 Sep 21

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 a

CVE-2016-4300 HIGH POC
7.8 Sep 21

Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 al

CVE-2015-8931 HIGH POC
7.8 Sep 20

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtr

CVE-2025-5914 HIGH POC
7.8 Jun 09

CVE-2025-5914 is an integer overflow vulnerability in libarchive's archive_read_format_rar_seek_data() function that lea

CVE-2024-48615 HIGH POC
7.5 Mar 28

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pa

CVE-2015-2304 MEDIUM POC
6.4 Mar 15

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arb

CVE-2016-5844 MEDIUM POC
6.5 Sep 21

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (appl

CVE-2016-1541 HIGH
8.8 May 07

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive befo

CVE-2022-26280 MEDIUM POC
6.5 Mar 28

Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init. Rated medium s

Vendor StatusVendor

Ubuntu

Priority: Medium
libarchive
Release Status Version
trusty needs-triage -
xenial needs-triage -
bionic needs-triage -
focal needs-triage -
upstream needs-triage -
jammy released 3.6.0-1ubuntu1.5
noble released 3.7.2-2ubuntu0.5
oracular released 3.7.4-1ubuntu0.3
plucky released 3.7.7-0ubuntu2.3
questing released 3.7.7-0ubuntu3

Debian

Bug #1107626
libarchive
Release Status Fixed Version Urgency
bullseye fixed 3.4.3-2+deb11u3 -
bullseye (security) fixed 3.4.3-2+deb11u3 -
bookworm fixed 3.6.2-1+deb12u3 -
bookworm (security) vulnerable 3.6.2-1+deb12u2 -
trixie fixed 3.7.4-4 -
forky, sid fixed 3.8.5-1 -
(unstable) fixed 3.7.4-4 -

SUSE

Severity: Moderate
Product Status
Container bci/spack:0.23.1-11.30 Container containers/lmcache-vllm-openai:0.3.2-1.2 Container containers/pytorch:2.7.0-nvidia-2.39 Container containers/vllm-openai:0.9.1-1.2 Container suse/manager/5.0/x86_64/server:5.0.5.1.7.33.2 Container suse/multi-linux-manager/5.1/x86_64/server:5.1.1.8.7.1 Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure Image SLES15-SP6-SAP-EC2 Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-Azure Image SLES15-SP6-SAPCAL-EC2 Image SLES15-SP6-SAPCAL-GCE Image SLES15-SP7-SAPCAL-Azure Image SLES15-SP7-SAPCAL-EC2 Image SLES15-SP7-SAPCAL-GCE Image ai_15_6 Image server-image Image server-image-sles15sp7 Affected
Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE Image SLES15-SP4-SAP Image SLES15-SP4-SAP-Azure Image SLES15-SP4-SAP-EC2 Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAPCAL Image SLES15-SP4-SAPCAL-Azure Image SLES15-SP4-SAPCAL-EC2 Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-EC2 Image SLES15-SP5-SAPCAL-GCE Affected
SUSE Linux Enterprise Desktop 15 SP6 SUSE Linux Enterprise High Performance Computing 15 SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6 Fixed
SUSE Linux Enterprise Desktop 15 SP7 SUSE Linux Enterprise High Performance Computing 15 SP7 SUSE Linux Enterprise Server 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS Fixed

Share

CVE-2025-5917 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy