Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
100
security advisorymoderatedenial of serviceSUSE 16.0 7zip Moderate Patch Denial of Service 2026-20592-1
An update that solves two vulnerabilities and has one fix can now be installed.. # Security update for 7zip Announcement ID: SUSE-SU-2026:20592-1 Release Date: 2026-02-26T11:53:30Z Rating: moderate References: * bsc#1246706 * bsc#1246707 * bsc#1249130 Cross-References: * CVE-2025-53816 * CVE-2025-53817 CVSS scores: * CVE-2025-53816 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-53816 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-53816 ( NVD ): 5.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-53816 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53817 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53817 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-53817 ( NVD ): 5.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-53817 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for 7zip fixes the following issues: * Update to 25.01 (boo#1249130) * The code for handling symbolic links has been changed to provide greater security when extracting files from archives * Command line switch -snld20 can be used to bypass default security checks when creating symbolic links. * Update to 25.00: * bzip2 compression speed was increased by 15-40%. * deflate (zip/gz) compression speed was increased by 1-3%. * improved support for zip, cpio and fat archives. *CVE-2025-53816: Fixed input manipulation leading to heap buffer overflow (bsc#1246706) * CVE-2025-53817: Fixed null pointer dereference leading to denial of service (bsc#1246707) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-315=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-315=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * 7zip-25.01-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * 7zip-25.01-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53816.html * https://www.suse.com/security/cve/CVE-2025-53817.html * https://bugzilla.suse.com/show_bug.cgi?id=1246706 * https://bugzilla.suse.com/show_bug.cgi?id=1246707 * https://bugzilla.suse.com/show_bug.cgi?id=1249130 . Discover the latest SUSE advisory for 7zip resolving two issues including buffer overflow and denial of service.. SUSE 7zip security patch moderate threat management. . LinuxSecurity.com Team
Mar 05, 2026
SuSE
202
security advisorymoderateDoSopenSUSE: 7zip Moderate Security Update DoS Issues openSUSE-SU-2025:0339-1
An update that solves two vulnerabilities and has one errata is now available. . openSUSE Security Update: Security update for 7zip ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0339-1 Rating: moderate References: #1246706 #1246707 #1249130 Cross-References: CVE-2025-53816 CVE-2025-53817 CVSS scores: CVE-2025-53816 (SUSE): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2025-53817 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.6 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for 7zip fixes the following issues: - Update to 25.01 (boo#1249130) * The code for handling symbolic links has been changed to provide greater security when extracting files from archives * Command line switch -snld20 can be used to bypass default security checks when creating symbolic links. - includes changes from 25.00: * bzip2 compression speed was increased by 15-40%. * deflate (zip/gz) compression speed was increased by 1-3%. * improved support for zip, cpio and fat archives. * CVE-2025-53816 : 7-Zip could work incorrectly for some incorrect RAR archives (boo#1246706) * CVE-2025-53817 : 7-Zip could crash for some incorrect COM (Compound File) archives (boo#1246707) - Update to 24.09: * The default dictionary size values for LZMA/LZMA2 compression methods were increased * 7-Zip now can calculate the following hash checksums: SHA-512, SHA-384, SHA3-256 and MD5. * APM and HFS support was improved. * If an archive update operation uses a temporary archive folder and the archive is moved to the destination folder, 7-Zip shows the progress of movingthe archive file, as this operation can take a long time if the archive is large. * The bug was fixed: 7-Zip File Manager didn't propagate Zone.Identifier stream for extracted files from nested archives (if there is open archive inside another open archive). * Some bugs were fixed. - update to 24.08: * No longer write extra zero bytes after the end of the archive, if a file included to archive cannot be compressed to a size smaller than original * Some optimizations for displaying file icons in 7-Zip File Manager and in "Confirm File Replace" window. * Some bugs were fixed - Update to 24.07: * The bug was fixed: 7-Zip could crash for some incorrect ZSTD archives. - Update to 24.06: * The bug was fixed: 7-Zip could not unpack some ZSTD archives. - update to 24.05: * New switch -myv=.. to set decoder compatibility version for 7z archive creating * New switches -myfa and -myfd to allow or disallow the specified filter method for 7z archive creating * can use new RISCV filter for compression to 7z and xz archives * can ask user permission to unpack RAR archives that require large amount of memory * new switch -smemx{size}g : to set allowed memory usage limit for RAR archive unpacking. * -y switch disables user requests and messages. * -slmu switch : to show timestamps as UTC instead of LOCAL TIME * support .sha256 files that use backslash path separator '\' * can unpack ZSTD archives (.zst filename extension). * can unpack ZIP, SquashFS and RPM archives that use ZSTD compression method. * support fast hash algorithm XXH64 that is used in ZSTD. * can unpack RAR archives (that use larger than 4 GB dictionary) created by new WinRAR 7.00. * can unpack DMG archives that use XZ (ULMO/LZMA) compression method * can unpack NTFS images with cluster size larger than 64 KB. * can unpack MBR and GDP images with 4 KBsectors. * Speed optimizations for archive unpacking: rar, cab, wim, zip, gz. * Speed optimizations for hash caclulation: CRC-32, CRC-64, BLAKE2sp. * Fix multivolume creation in some cases * bug fixs Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.6: zypper in -t patch openSUSE-2025-339=1 Package List: - openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64): 7zip-25.01-lp156.2.3.1 References: https://www.suse.com/security/cve/CVE-2025-53816.html https://www.suse.com/security/cve/CVE-2025-53817.html https://bugzilla.suse.com/1246706 https://bugzilla.suse.com/1246707 https://bugzilla.suse.com/1249130 . OpenSUSE Security Patch for 7zip resolves a pair of vulnerabilities categorized with a moderate severity level, and it offers guidance for applying the necessary updates.. openSUSE security update, 7zip vulnerabilities, software patch management. . LinuxSecurity.com Team
Sep 08, 2025
OpenSUSE
202
security advisorymoderatesecurity issueopenSUSE Tumbleweed: 7zip Moderate Vulnerabilities Advisory 2025:15523-1
An update that solves 2 vulnerabilities can now be installed.. # 7zip-25.01-1.1 on GA media Announcement ID: openSUSE-SU-2025:15523-1 Rating: moderate Cross-References: * CVE-2025-53816 * CVE-2025-53817 CVSS scores: * CVE-2025-53816 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-53816 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-53817 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-53817 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the 7zip-25.01-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * 7zip 25.01-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53816.html * https://www.suse.com/security/cve/CVE-2025-53817.html . The 7zip package in openSUSE Tumbleweed has patched a moderate security vulnerability involving two identified CVEs. Users are advised to perform an update.. openSUSE, 7zip, moderate security, update available, CVE details. . LinuxSecurity.com Team
Sep 06, 2025
OpenSUSE
203
security advisorydenial of serviceout-of-boundsMageia 6: MGASA-2019-0074 Moderate: Libarchive Denial of Service Risk
libarchive contains an out-of-bounds read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file (CVE-2019-1000019). . MGASA-2019-0074 - Updated libarchive packages fix security vulnerability Publication date: 13 Feb 2019 URL: https://advisories.mageia.org/MGASA-2019-0074.html Type: security Affected Mageia releases: 6 CVE: CVE-2019-1000019, CVE-2019-1000020 libarchive contains an out-of-bounds read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file (CVE-2019-1000019). libarchive contains an infinite loop vulnerability in the ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file (CVE-2019-1000020). References: - https://bugs.mageia.org/show_bug.cgi?id=24337 - https://ubuntu.com/security/notices/USN-3884-1 - https://www.cve.org/CVERecord?id=CVE-2019-1000019 - https://www.cve.org/CVERecord?id=CVE-2019-1000020 SRPMS: - 6/core/libarchive-3.3.1-1.5.mga6 . MGASA-2019-0074 - Updated libarchive packages fix security vulnerability Publication date: 13 Feb 20. libarchive, out-of-bounds, vulnerability, decompression, archive_read_support_. . Severity: Important. LinuxSecurity.com Team
Feb 13, 2019
•Important
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!