Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-5918

Published: June 10, 2025Last modified: July 17, 2025

Description

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

Severity score breakdown

ParameterValue
Base score3.9
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionREQUIRED
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactNONE
Availability impactLOW
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlibarchiveFixed (3.8.0-r0)
StreamlibarchiveFixed (3.8.0-r0)

References

ON THIS PAGE