CVE-2025-15570

Name of the Vulnerable Software and Affected Versions lrzip versions up to 0.651

Description A flaw exists in lrzip that involves a use-after-free condition within the lzma decompress buf function located in the stream.c file. Local access is required for exploitation. The exploit has been publicly disclosed. The project maintainers were notified of the issue but have not yet responded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.