Several security issues were fixed in libarchive.
Software Description:
- libarchive: Library to read/write archive files
Details:
It was discovered that libarchive incorrectly handled certain RAR archive
files. An attacker could possibly use this issue to execute arbitrary
code or cause a denial of service. (CVE-2025-5914)
It was discovered that libarchive incorrectly handled certain RAR archive
files. An attacker could possibly use this issue to read sensitive data
or cause a denial of service. (CVE-2025-5915)
It was discovered that libarchive incorrectly handled certain WARC
archive files. If a user or automated system were tricked into processing
a specially crafted WARC archive, an attacker could use this issue to
cause libarchive to crash, resulting in a denial of service.
(CVE-2025-5916)
It was discovered that libarchive incorrectly handled certain file names
when handling prefixes and suffixes. An attacker could possibly use this
issue to cause libarchive to crash, re...
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libarchive13t64 3.7.7-0ubuntu2.3 Ubuntu 24.10 libarchive13t64 3.7.4-1ubuntu0.3 Ubuntu 24.04 LTS libarchive13t64 3.7.2-2ubuntu0.5 Ubuntu 22.04 LTS libarchive13 3.6.0-1ubuntu1.5 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7601-1
CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917
Get the latest Linux and open source security news straight to your inbox.