Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-5917

Опубликовано: 09 июн. 2025
Источник: ubuntu
Приоритет: medium
CVSS3: 2.8

Описание

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

РелизСтатусПримечание
devel

released

3.7.7-0ubuntu3
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/focal

needs-triage

esm-infra/xenial

needs-triage

jammy

released

3.6.0-1ubuntu1.5
noble

released

3.7.2-2ubuntu0.5
oracular

released

3.7.4-1ubuntu0.3
plucky

released

3.7.7-0ubuntu2.3
upstream

needs-triage

Показывать по

2.8 Low

CVSS3

Связанные уязвимости

CVSS3: 2.8
redhat
3 месяца назад

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

CVSS3: 2.8
nvd
около 2 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

CVSS3: 2.8
debian
около 2 месяцев назад

A vulnerability has been identified in the libarchive library. This fl ...

CVSS3: 2.8
github
около 2 месяцев назад

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

suse-cvrf
7 дней назад

Security update for libarchive

2.8 Low

CVSS3