
Debian 11 p7zip-rar DLA-4577-1 Memory Corruption DoS Risk CVE-2025-53816

May 11, 2026
Explore the Debian LTS advisory for p7zip-rar addressing a memory corruption issue that could lead to denial of service.
Jaroslav Lobačevski from GitHub Security Lab discovered a memory corruption vulnerability in the RAR module of p7zip, a now unmaintained fork of 7-Zip, a file archiver handling mu...

Summary

To address this vulnerability, whose fix is unfortunately not
isolated, and to remain compatible with the new p7zip package
(DLA-4576-1), this update replaces the p7zip code base with 7-Zip v25
(which now supports GNU/Linux natively), slightly modified to make it
reasonably compatible with p7zip.

For Debian 11 bullseye, this problem has been fixed in version
16.02+really25.00+ds-0+deb11u1.

We recommend that you upgrade your p7zip-rar packages.

For the detailed security status of p7zip-rar please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/p7zip-rar

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Package: p7zip-rar
Version: 16.02+really25.00+ds-0+deb11u1
CVE ID: CVE-2025-53816
Debian Bug: 1109494
