Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
Summary
| CVE | CVE-2025-5914 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2025-06-09 20:15:26 UTC |
| Updated | 2026-07-14 13:17:56 UTC |
| Description | A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. |
Risk And Classification
Primary CVSS: v3.1 7.8 HIGH from [email protected]
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.003260000 probability, percentile 0.244690000 (date 2026-07-04)
Problem Types: CWE-190 | CWE-190 Integer Overflow or Wraparound
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | [email protected] | Secondary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | CNA | CVSS | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
NoneUser Interaction
RequiredScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Libarchive | Libarchive | All | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 9.0 | All | All | All |
| Application | Redhat | Openshift Container Platform | 4.0 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Red Hat | Red Hat Enterprise Linux 10 | unaffected 0:3.7.7-4.el10_0 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | unaffected 0:3.1.2-14.el7_9.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8 | unaffected 0:3.3.3-6.el8_10 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | unaffected 0:3.3.2-8.el8_2.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 0:3.3.3-1.el8_4.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | unaffected 0:3.3.3-1.el8_4.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | unaffected 0:3.3.3-6.el8_6 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | unaffected 0:3.3.3-6.el8_6 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions | unaffected 0:3.3.3-6.el8_6 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | unaffected 0:3.3.3-5.el8_8.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8.8 Update Services For SAP Solutions | unaffected 0:3.3.3-5.el8_8.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:3.5.3-6.el9_6 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:3.5.3-6.el9_6 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions | unaffected 0:3.5.3-2.el9_0.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9.2 Update Services For SAP Solutions | unaffected 0:3.5.3-5.el9_2 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | unaffected 0:3.5.3-4.el9_4.1 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.14 | unaffected 414.92.202510211419-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.15 | unaffected 415.92.202601271320-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.16 | unaffected 416.94.202601071926-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.17 | unaffected 417.94.202510112152-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.18 | unaffected 418.94.202510230424-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.19 | unaffected 4.19.9.6.202510140714-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4.20 | unaffected 4.20.9.6.202509251656-0 * rpm | Not specified |
| CNA | Red Hat | Red Hat Web Terminal 1.11 On RHEL 9 | unaffected 1.11-19 * rpm | Not specified |
| CNA | Red Hat | Red Hat Web Terminal 1.11 On RHEL 9 | unaffected 1.11-8 * rpm | Not specified |
| CNA | Red Hat | Red Hat Web Terminal 1.12 On RHEL 9 | unaffected 1.12-4 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-11 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-11 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-11 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-10 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-10 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-4 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-9 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-12 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-18 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-11 * rpm | Not specified |
| CNA | Red Hat | RHOSS-1.36-RHEL-8 | unaffected 1.36.0-7 * rpm | Not specified |
| CNA | Red Hat | Cert-manager Operator For Red Hat OpenShift 1.16 | unaffected v1.16.5-1760515757 * rpm | Not specified |
| CNA | Red Hat | OpenShift Compliance Operator 1 | unaffected 1.8.0 * rpm | Not specified |
| CNA | Red Hat | OpenShift Compliance Operator 1 | unaffected 1.8.0 * rpm | Not specified |
| CNA | Red Hat | OpenShift Compliance Operator 1 | unaffected 1.8.0 * rpm | Not specified |
| CNA | Red Hat | OpenShift File Integrity Operator - FIO 1 | unaffected v1.3 * rpm | Not specified |
| CNA | Red Hat | Red Hat Discovery 2 | unaffected 2.2.1-1758555934 * rpm | Not specified |
| CNA | Red Hat | Red Hat Insights Proxy 1.5 | unaffected 1.5.6-1756187445 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116455 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116482 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116441 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116449 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116439 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116447 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756128595 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756125872 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Distributed Tracing 3.5.1 | unaffected rhosdt-3.5-1756116445 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757422110 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757421846 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757421804 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757422070 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757421879 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757422401 * rpm | Not specified |
| CNA | Red Hat | Red Hat OpenShift Sandboxed Containers 1.1 | unaffected 1.10.2-1757421890 * rpm | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 6 | Not specified | Not specified |
| ADP | Siemens | SIDIS Secured SmartPlug | affected V7.26.0310 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| access.redhat.com/errata/RHSA-2025:21913 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:18217 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:0934 | [email protected] | access.redhat.com | |
| github.com/libarchive/libarchive/releases/tag/v3.8.0 | [email protected] | github.com | Release Notes |
| access.redhat.com/errata/RHSA-2025:21885 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14644 | [email protected] | access.redhat.com | Third Party Advisory |
| bugzilla.redhat.com/show_bug.cgi | [email protected] | bugzilla.redhat.com | Issue Tracking, Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14142 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14141 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:15709 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14130 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:18219 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:19041 | [email protected] | access.redhat.com | Third Party Advisory |
| github.com/libarchive/libarchive/pull/2598 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | github.com | Exploit, Issue Tracking, Patch |
| access.redhat.com/errata/RHSA-2025:18218 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/security/cve/CVE-2025-5914 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:16524 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14137 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:19046 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14808 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:15828 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:15397 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14810 | [email protected] | access.redhat.com | Third Party Advisory |
| cert-portal.siemens.com/productcert/html/ssa-585531.html | 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | cert-portal.siemens.com | |
| access.redhat.com/errata/RHSA-2025:14525 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14594 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:15024 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14135 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:15827 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:0326 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14528 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2025:14828 | [email protected] | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:1541 | [email protected] | access.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2025-06-06T17:58:25.491Z | Reported to Red Hat. |
| CNA | 2025-05-20T00:00:00.000Z | Made public. |
There are currently no legacy QID mappings associated with this CVE.