Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-5914

Опубликовано: 09 июн. 2025
Источник: ubuntu
Приоритет: medium
CVSS3: 3.9

Описание

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

РелизСтатусПримечание
devel

released

3.7.7-0ubuntu3
esm-infra-legacy/trusty

needed

esm-infra/bionic

needed

esm-infra/focal

needed

esm-infra/xenial

needed

jammy

released

3.6.0-1ubuntu1.5
noble

released

3.7.2-2ubuntu0.5
oracular

released

3.7.4-1ubuntu0.3
plucky

released

3.7.7-0ubuntu2.3
upstream

needs-triage

Показывать по

3.9 Low

CVSS3

Связанные уязвимости

CVSS3: 3.9
redhat
3 месяца назад

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

CVSS3: 3.9
nvd
около 2 месяцев назад

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

CVSS3: 3.9
debian
около 2 месяцев назад

A vulnerability has been identified in the libarchive library, specifi ...

CVSS3: 3.9
github
около 2 месяцев назад

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

3.9 Low

CVSS3