Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Ubuntu 25.04: USN-7601-1 critical: libarchive denial of service

Calendar Jun 26, 2025 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical vulnerability ubuntu libarchive
Several security issues were fixed in libarchive. 
==========================================================================
Ubuntu Security Notice USN-7601-1
June 26, 2025

libarchive vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in libarchive.

Software Description:
- libarchive: Library to read/write archive files

Details:

It was discovered that libarchive incorrectly handled certain RAR archive
files. An attacker could possibly use this issue to execute arbitrary
code or cause a denial of service. (CVE-2025-5914)

It was discovered that libarchive incorrectly handled certain RAR archive
files. An attacker could possibly use this issue to read sensitive data
or cause a denial of service. (CVE-2025-5915)

It was discovered that libarchive incorrectly handled certain WARC
archive files. If a user or automated system were tricked into processing
a specially crafted WARC archive, an attacker could use this issue to
cause libarchive to crash, resulting in a denial of service.
(CVE-2025-5916)

It was discovered that libarchive incorrectly handled certain file names
when handling prefixes and suffixes. An attacker could possibly use this
issue to cause libarchive to crash, resulting in a denial of service.
(CVE-2025-5917)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libarchive13t64                 3.7.7-0ubuntu2.3

Ubuntu 24.10
  libarchive13t64                 3.7.4-1ubuntu0.3

Ubuntu 24.04 LTS
  libarchive13t64                 3.7.2-2ubuntu0.5

Ubuntu 22.04 LTS
  libarchive13                    3.6.0-1ubuntu1.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7601-1
  CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917

Package Information:
  https://launchpad.net/ubuntu/+source/libarchive/3.7.7-0ubuntu2.3
  https://launchpad.net/ubuntu/+source/libarchive/3.7.4-1ubuntu0.3
  https://launchpad.net/ubuntu/+source/libarchive/3.7.2-2ubuntu0.5
  https://launchpad.net/ubuntu/+source/libarchive/3.6.0-1ubuntu1.5

Ubuntu 25.04: USN-7601-1 critical: libarchive denial of service

ubuntu
Calendar Grey June 26, 2025
Dist Ubuntu Esm H88
A crucial enhancement for libarchive addresses several vulnerabilities that might lead to service disruption or potential code execution threats.
Several security issues were fixed in libarchive.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in libarchive. Software Description: - libarchive: Library to read/write archive files Details: It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2025-5914) It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to read sensitive data or cause a denial of service. (CVE-2025-5915) It was discovered that libarchive incorrectly handled certain WARC archive files. If a user or automated system were tricked into processing a specially crafted WARC archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service. (CVE-2025-5916) It was discovered that libarchive...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical vulnerability ubuntu libarchive

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libarchive13t64 3.7.7-0ubuntu2.3 Ubuntu 24.10 libarchive13t64 3.7.4-1ubuntu0.3 Ubuntu 24.04 LTS libarchive13t64 3.7.2-2ubuntu0.5 Ubuntu 22.04 LTS libarchive13 3.6.0-1ubuntu1.5 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7601-1

CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7601-1

Topics%20covered

Topics Covered

security advisory denial of service critical vulnerability ubuntu libarchive

Package Information

https://launchpad.net/ubuntu/+source/libarchive/3.7.7-0ubuntu2.3 https://launchpad.net/ubuntu/+source/libarchive/3.7.4-1ubuntu0.3 https://launchpad.net/ubuntu/+source/libarchive/3.7.2-2ubuntu0.5 https://launchpad.net/ubuntu/+source/libarchive/3.6.0-1ubuntu1.5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here