PT-2025-24557 · Unknown+7 · Libarchive+7

Carnil · Published 2025-04-07 · Updated 2026-04-07 · CVE-2025-5918

CVSS v3.1: 6.6 Medium

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

libarchive (affected versions not specified)

Description

A flaw in the libarchive library can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out-of-bounds Read

Weakness Enumeration

Related Identifiers

AZL-63753
AZL-63780
AZL-63821
AZL-63851
BDU:2025-11083
CVE-2025-5918
DLA-4368-1
ECHO-52D0-6D58-7432
OESA-2025-1623
OESA-2025-1624
OESA-2025-1656
OESA-2025-1657
OESA-2025-1658
SUSE-SU-2025:02566-1
SUSE-SU-2025:02718-1
SUSE-SU-2025:02718-2
SUSE-SU-2025:20560-1
SUSE-SU-2025:20594-1
SUSE-SU-2025_02566-1
SUSE-SU-2025_02718-2
USN-8147-1

Affected Products

Astra Linux
Debian
Linux Mint
Apple macOS
RED OS
SUSE
Ubuntu
Libarchive