CVE-2025-5918 Information

Description

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

Reference

https://access.redhat.com/security/cve/CVE-2025-5918
https://bugzilla.redhat.com/show_bug.cgi?id=2370877
https://github.com/libarchive/libarchive/pull/2584
https://github.com/libarchive/libarchive/releases/tag/v3.8.0

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

Base Score

3.9

Base Severity

LOW
