PT-2025-24555 · Unknown+6 · Libarchive+6

Carnil · Published 2025-04-07 · Updated 2026-04-02 · CVE-2025-5916

CVSS v3.1: 5.6 Medium

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H
Name of the Vulnerable Software and Affected Versions

libarchive (affected versions not specified)

Description

A flaw has been identified in the libarchive library involving an integer overflow. This issue can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
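
The overflow class in the description, shown as a bounds check applied to the declared content length before any arithmetic is done on it. This is an added example, not libarchive's code; the function names, the sample input and the 4-byte record trailer constant are assumptions made for the sketch.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption for this sketch: 4 bytes follow each record's content block. */
#define RECORD_TRAILER_LEN 4

/* Parse a decimal Content-Length field. Returns 0 on success, -1 if the
 * value is empty, negative, has trailing junk, or does not fit in int64_t. */
static int parse_content_length(const char *s, int64_t *out)
{
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (end == s || errno == ERANGE || v < 0)
        return -1;
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')
        return -1;
    *out = (int64_t)v;
    return 0;
}

/* Compute header + content + trailer without ever evaluating a sum that
 * could exceed INT64_MAX. Returns 0 and sets *span, or -1 to reject. */
static int record_span(int64_t hdr_len, int64_t content_len, int64_t *span)
{
    if (hdr_len < 0 || content_len < 0)
        return -1;
    if (content_len > INT64_MAX - RECORD_TRAILER_LEN)
        return -1;                      /* content_len + 4 would overflow */
    int64_t tail = content_len + RECORD_TRAILER_LEN;
    if (hdr_len > INT64_MAX - tail)
        return -1;                      /* hdr_len + tail would overflow */
    *span = hdr_len + tail;
    return 0;
}

int main(void)
{
    /* Constructed input: a length field claiming INT64_MAX content bytes. */
    int64_t len = 0, span = 0;
    if (parse_content_length("9223372036854775807\r\n", &len) == 0 &&
        record_span(120, len, &span) != 0)
        puts("rejected: declared length cannot be a valid record size");
    return 0;
}
```

The comparison is made against `INT64_MAX - RECORD_TRAILER_LEN` rather than by adding first and testing the result, because signed overflow in C is undefined behavior and a check after the addition may be optimized away.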

DoS

Integer Overflow


Weakness Enumeration

Related Identifiers

AZL-63759
AZL-63774
AZL-63824
AZL-63863
BDU:2025-11085
CVE-2025-5916
DLA-4368-1
ECHO-D190-0A7D-9920
JLSEC-2025-248
MGASA-2025-0200
OESA-2025-1623
OESA-2025-1624
OESA-2025-1656
OESA-2025-1657
OESA-2025-1658
OPENSUSE-SU-2025:15388-1
SUSE-SU-2025:02522-1
SUSE-SU-2025:02522-2
SUSE-SU-2025:02566-1
SUSE-SU-2025:02718-1
SUSE-SU-2025:02718-2
SUSE-SU-2025:20560-1
SUSE-SU-2025:20594-1
SUSE-SU-2025_02522-1
SUSE-SU-2025_02522-2
SUSE-SU-2025_02566-1
SUSE-SU-2025_02718-2
USN-7601-1
USN-8147-1

Affected Products

Astra Linux
Debian
Linuxmint
Red Os
Suse
Ubuntu
Libarchive