Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-5918

Опубликовано: 09 июн. 2025
Источник: debian
EPSS Низкий

Описание

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libarchiveunfixedpackage
libarchiveno-dsatrixiepackage
libarchiveno-dsabookwormpackage
libarchivepostponedbullseyepackage

Примечания

  • https://github.com/libarchive/libarchive/pull/2584

  • Fixed by: https://github.com/libarchive/libarchive/commit/dcbf1e0ededa95849f098d154a25876ed5754bcf (v3.8.0)

  • Regression: https://github.com/libarchive/libarchive/issues/2641

  • Regression fixed by: https://github.com/libarchive/libarchive/commit/51b4c35bb38b7df4af24de7f103863dd79129b01

EPSS

Процентиль: 6%
0.00025
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-5918

CVSS3: 3.9
ubuntu
5 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

redhat логотип

CVE-2025-5918

CVSS3: 3.9
redhat
6 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

nvd логотип

CVE-2025-5918

CVSS3: 3.9
nvd
5 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

msrc логотип

CVE-2025-5918

CVSS3: 3.9
msrc
2 месяца назад

Libarchive: reading past eof may be triggered for piped file streams

github логотип

GHSA-3hqh-8h99-q2cf

CVSS3: 3.9
github
5 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

EPSS

Процентиль: 6%
0.00025
Низкий
Уязвимость CVE-2025-5918