CVE-2025-5914
A vulnerability has been identified in the libarchive library,
specifically within the archive_read_format_rar_seek_data() function.
This flaw involves an integer overflow that can ultimately lead to
a double-free condition. Exploiting a double-free vulnerability can
result in memory corruption, enabling an attacker to execute
arbitrary code or cause a denial-of-service condition.
CVE-2025-5916
This flaw involves an integer overflow that can be triggered
when processing a Web Archive (WARC) file that claims to have more
than INT64_MAX - 4 content bytes. An attacker could craft a malicious
WARC archive to induce this overflow, potentially leading to
unpredictable program behavior, memory corruption, or a
denial-of-service condition within applications that process
such archives using libarchive.
CVE-2025-5917
This flaw involves an 'off-by-one' miscalculation when
handling prefixes and suffixes for file names. This can lead to
Get the latest Linux and open source security news straight to your inbox.