PT-2025-24554 · Unknown+6 · Libarchive+6

Carnil · Published 2025-05-11 · Updated 2025-09-29 · CVE-2025-5915

CVSS v3.1: 6.6 Medium

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

libarchive (affected versions not specified)

Description

A flaw in the libarchive library can lead to a heap buffer over-read because the size of a filter block can exceed the Lempel-Ziv-Storer-Szymanski (LZSS) window. The library may then attempt to read beyond the allocated memory buffer, resulting in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-63786
AZL-63857
BDU:2025-11855
CVE-2025-5915
ECHO-EF0F-BB47-0359
MGASA-2025-0200
OESA-2025-1623
OESA-2025-1624
SUSE-SU-2025:02566-1
SUSE-SU-2025:02718-1
SUSE-SU-2025:02718-2
SUSE-SU-2025:20560-1
SUSE-SU-2025:20594-1
SUSE-SU-2025_02566-1
SUSE-SU-2025_02718-2
USN-7601-1

Affected Products

Astra Linux
Debian
Linux Mint
RED OS
SUSE
Ubuntu
Libarchive