Описание
ELSA-2025-14135: libarchive security update (IMPORTANT)
[3.3.3-6]
- Resolves: CVE-2025-5914
- Skip compression-level=1 size check on s390x.
- Related to https://github.com/libarchive/libarchive/issues/1515
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
bsdtar
3.3.3-6.el8_10
libarchive
3.3.3-6.el8_10
libarchive-devel
3.3.3-6.el8_10
Oracle Linux x86_64
bsdtar
3.3.3-6.el8_10
libarchive
3.3.3-6.el8_10
libarchive-devel
3.3.3-6.el8_10
Связанные CVE
Связанные уязвимости
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
A vulnerability has been identified in the libarchive library, specifi ...