CVE-2025-5917 PUBLISHED

Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c

Assigner: redhat
Reserved: 09.06.2025 Published: 09.06.2025 Updated: 10.06.2025

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CVSS Score: 2.8

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	Low	Integrity Impact	None
User Interaction	Required	Availability Impact	Low

CVSS 3.1

Product Status

Vendor	Red Hat
Product	Red Hat Enterprise Linux 10
Versions	Default: affected

Vendor	Red Hat
Product	Red Hat Enterprise Linux 6
Versions	Default: unknown

Vendor	Red Hat
Product	Red Hat Enterprise Linux 7
Versions	Default: unknown

Vendor	Red Hat
Product	Red Hat Enterprise Linux 8
Versions	Default: affected

Vendor	Red Hat
Product	Red Hat Enterprise Linux 9
Versions	Default: affected

Vendor	Red Hat
Product	Red Hat OpenShift Container Platform 4
Versions	Default: affected

Workarounds

Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements.

References

Problem Types

Out-of-bounds Write CWE