Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: Libarchive Moderate Security Update 2025:02718-1 CVE-2025-5914

suse
Calendar Grey August 6, 2025
Dist Suse Esm H88
Recent SUSE releases for libarchive tackle several significant vulnerabilities, boosting both security and overall system performance. Keep your systems current!
* bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336

Summary

## This update for libarchive fixes the following issues: * CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) * CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory moderate buffer overflow SuSE libarchive heap issue

References

* bsc#1244270

* bsc#1244272

* bsc#1244273

* bsc#1244279

* bsc#1244336

Cross-

* CVE-2025-5914

* CVE-2025-5915

* CVE-2025-5916

* CVE-2025-5917

* CVE-2025-5918

CVSS scores:

* CVE-2025-5914 ( SUSE ): 1.8

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-5914 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

* CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-5914 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

* CVE-2025-5915 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

* CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

* CVE-2025-5916 ( SUSE ): 4.6

Announcement ID: SUSE-SU-2025:02718-1
Release Date: 2025-08-06T13:55:10Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate buffer overflow SuSE libarchive heap issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here