Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: libarchive Moderate DoS Issues Advisory 2025:20594-1

suse
Calendar Grey August 29, 2025
Dist Suse Esm H88
A comprehensive security notice issued for SUSE regarding various vulnerabilities in libarchive, aimed at bolstering defenses against emerging risks.
* bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336

Summary

## This update for libarchive fixes the following issues: * CVE-2025-5918: reading past EOF may be triggered for piped file streams (bsc#1244279) * CVE-2025-5917: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5916: integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5915: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5914: double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory moderate SuSE software update DoS libarchive

References

* bsc#1244270

* bsc#1244272

* bsc#1244273

* bsc#1244279

* bsc#1244336

Cross-

* CVE-2025-5914

* CVE-2025-5915

* CVE-2025-5916

* CVE-2025-5917

* CVE-2025-5918

CVSS scores:

* CVE-2025-5914 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-5914 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-5914 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-5915 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

* CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

Announcement ID: SUSE-SU-2025:20594-1
Release Date: 2025-08-14T10:15:05Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate SuSE software update DoS libarchive

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here