Libarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c
Summary
| CVE | CVE-2025-5915 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2025-06-09 20:15:26 UTC |
| Updated | 2026-06-30 11:16:25 UTC |
| Description | A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions. |
Risk And Classification
Primary CVSS: v3.1 6.6 MEDIUM from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
EPSS: 0.001630000 probability, percentile 0.058470000 (date 2026-07-03)
Problem Types: CWE-122 | CWE-122 Heap-based Buffer Overflow
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Secondary | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H |
| 3.1 | [email protected] | Secondary | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H |
| 3.1 | CNA | CVSS | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
RequiredScope
UnchangedConfidentiality
HighIntegrity
NoneAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Libarchive | Libarchive | All | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 9.0 | All | All | All |
| Application | Redhat | Openshift Container Platform | 4.0 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Red Hat | Red Hat Enterprise Linux 10 | Not specified | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 6 | Not specified | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 7 | Not specified | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 8 | Not specified | Not specified |
| CNA | Red Hat | Red Hat Enterprise Linux 9 | Not specified | Not specified |
| CNA | Red Hat | Red Hat OpenShift Container Platform 4 | Not specified | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| github.com/libarchive/libarchive/releases/tag/v3.8.0 | [email protected] | github.com | Release Notes |
| bugzilla.redhat.com/show_bug.cgi | [email protected] | bugzilla.redhat.com | Issue Tracking |
| github.com/libarchive/libarchive/pull/2599 | [email protected] | github.com | Patch |
| access.redhat.com/security/cve/CVE-2025-5915 | [email protected] | access.redhat.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2025-06-06T18:03:54.692Z | Reported to Red Hat. |
| CNA | 2025-05-20T00:00:00.000Z | Made public. |
Workarounds
CNA: Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements.
There are currently no legacy QID mappings associated with this CVE.