Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

SUSE 16.0 7zip Moderate Patch Denial of Service 2026-20592-1

suse
Calendar Grey March 5, 2026
Dist Suse Esm H88
Discover the latest SUSE advisory for 7zip resolving two issues including buffer overflow and denial of service.
An update that solves two vulnerabilities and has one fix can now be installed.

Summary

## This update for 7zip fixes the following issues: * Update to 25.01 (boo#1249130) * The code for handling symbolic links has been changed to provide greater security when extracting files from archives * Command line switch -snld20 can be used to bypass default security checks when creating symbolic links. * Update to 25.00: * bzip2 compression speed was increased by 15-40%. * deflate (zip/gz) compression speed was increased by 1-3%. * improved support for zip, cpio and fat archives. * CVE-2025-53816: Fixed input manipulation leading to heap buffer overflow (bsc#1246706) * CVE-2025-53817: Fixed null pointer dereference leading to denial of service (bsc#1246707) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

* bsc#1246706

* bsc#1246707

* bsc#1249130

Cross-

* CVE-2025-53816

* CVE-2025-53817

CVSS scores:

* CVE-2025-53816 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-53816 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

* CVE-2025-53816 ( NVD ): 5.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-53816 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-53817 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-53817 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

* CVE-2025-53817 ( NVD ): 5.5

Announcement ID: SUSE-SU-2026:20592-1
Release Date: 2026-02-26T11:53:30Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here