7.8
CVE-2025-5914
- EPSS 0.33%
- Veröffentlicht 09.06.2025 19:53:48
- Zuletzt bearbeitet 30.06.2026 11:16:25
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Libarchive ≫ Libarchive Version < 3.8.0
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.241 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| secalert@redhat.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://access.redhat.com/security/cve/CVE-2025-5914
https://bugzilla.redhat.com/show_bug.cgi?id=2370861
https://github.com/libarchive/libarchive/pull/2598
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/errata/RHSA-2025:14130
https://access.redhat.com/errata/RHSA-2025:14135
https://access.redhat.com/errata/RHSA-2025:14137
https://access.redhat.com/errata/RHSA-2025:14141
https://access.redhat.com/errata/RHSA-2025:14142
https://access.redhat.com/errata/RHSA-2025:14525
https://access.redhat.com/errata/RHSA-2025:14528
https://access.redhat.com/errata/RHSA-2025:14594
https://access.redhat.com/errata/RHSA-2025:14644
https://access.redhat.com/errata/RHSA-2025:14828
https://access.redhat.com/errata/RHSA-2025:14808
https://access.redhat.com/errata/RHSA-2025:14810
https://access.redhat.com/errata/RHSA-2025:15024
https://access.redhat.com/errata/RHSA-2025:15709
https://access.redhat.com/errata/RHSA-2025:15828
https://access.redhat.com/errata/RHSA-2025:15827
https://access.redhat.com/errata/RHSA-2025:16524
https://access.redhat.com/errata/RHSA-2025:18219
https://access.redhat.com/errata/RHSA-2025:15397
https://access.redhat.com/errata/RHSA-2025:18218
https://access.redhat.com/errata/RHSA-2025:18217
https://access.redhat.com/errata/RHSA-2025:19046
https://access.redhat.com/errata/RHSA-2025:19041
https://access.redhat.com/errata/RHSA-2025:21885
https://access.redhat.com/errata/RHSA-2025:21913
https://access.redhat.com/errata/RHSA-2026:0326
https://access.redhat.com/errata/RHSA-2026:0934
https://access.redhat.com/errata/RHSA-2026:1541