
Debian 11: Important Memory Vulnerability Advisory DLA-4368-1 CVE-2025-5914

Debian LTS
November 11, 2025
Multiple vulnerabilities fixed in libarchive affect memory safety and integrity, with impact on Debian stability and security.
Multiple vulnerabilities were fixed in libarchive, a multi-format archive and compression library.

Summary

CVE-2025-5914

A vulnerability has been identified in the libarchive library,
specifically within the archive_read_format_rar_seek_data() function.
This flaw involves an integer overflow that can ultimately lead to
a double-free condition. Exploiting a double-free vulnerability can
result in memory corruption, enabling an attacker to execute
arbitrary code or cause a denial-of-service condition.

CVE-2025-5916

This flaw involves an integer overflow that can be triggered
when processing a Web Archive (WARC) file that claims to have more
than INT64_MAX - 4 content bytes. An attacker could craft a malicious
WARC archive to induce this overflow, potentially leading to
unpredictable program behavior, memory corruption, or a
denial-of-service condition within applications that process
such archives using libarchive.
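
The bounds check this class of bug calls for, as an added example; it is not libarchive's code or its patch. The names `parse_content_length`, `warc_record_span` and `WARC_TRAILER_LEN` are hypothetical, and the 4 extra bytes are assumed to be the two CRLF pairs that end a WARC record.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: 4 trailer bytes (CRLF CRLF) follow each record's content. */
#define WARC_TRAILER_LEN 4

/* Parse a decimal Content-Length without ever overflowing int64_t.
   Returns 0 on success, -1 on malformed or out-of-range input. */
static int parse_content_length(const char *s, int64_t *out)
{
    int64_t v = 0;
    if (*s < '0' || *s > '9')
        return -1;
    for (; *s >= '0' && *s <= '9'; s++) {
        int d = *s - '0';
        if (v > (INT64_MAX - d) / 10)   /* v * 10 + d would wrap */
            return -1;
        v = v * 10 + d;
    }
    if (*s != '\0')
        return -1;
    *out = v;
    return 0;
}

/* Bytes to consume for one record: content plus trailer. Lengths above
   INT64_MAX - 4 are rejected instead of letting the sum wrap negative. */
static int warc_record_span(const char *content_length, int64_t *span)
{
    int64_t cntlen;
    if (parse_content_length(content_length, &cntlen) != 0)
        return -1;
    if (cntlen > INT64_MAX - WARC_TRAILER_LEN)
        return -1;
    *span = cntlen + WARC_TRAILER_LEN;
    return 0;
}

int main(void)
{
    /* Constructed sample header values, not taken from a real archive. */
    const char *samples[] = { "1024", "9223372036854775803",
                              "9223372036854775804", "99999999999999999999" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        int64_t span;
        int ok = warc_record_span(samples[i], &span) == 0;
        printf("%-22s %s\n", samples[i], ok ? "accepted" : "rejected");
    }
    return 0;
}
```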

CVE-2025-5917

This flaw involves an 'off-by-one' miscalculation when
handling prefixes and suffixes for file names. This can lead to



Severity: important

Package: libarchive
Version: 3.4.3-2+deb11u3
CVE ID: CVE-2025-5914 CVE-2025-5916 CVE-2025-5917 CVE-2025-5918
Debian Bug: 1107621 1107623 1107624 1107626
