CVE-2025-5918

Libarchive: reading past eof may be triggered for piped file streams

Severity Score

3.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

Se ha identificado una vulnerabilidad en la librería libarchive. Esta falla puede activarse cuando se canalizan flujos de archivos a bsdtar, lo que podría permitir la lectura más allá del final del archivo. Esta lectura fuera de los límites puede tener consecuencias imprevistas, como un comportamiento impredecible del programa, corrupción de memoria o una condición de denegación de servicio.

This update for libarchive fixes the following issues. Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data function. Fixed heap buffer over read in copy_from_lzss_window at archive_read_support_format_rar.c. Fixed integer overflow while reading warc files at archive_read_support_format_warc.c. Fixed off by one error in build_ustar_entry_name at archive_write_set_format_pax.c. Fixed reading past EOF may be triggered for piped file streams.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-06-09 CVE Reserved
2025-06-09 CVE Published
2025-08-15 CVE Updated
2025-08-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (4)

URL	Tag	Source
https://access.redhat.com/security/cve/CVE-2025-5918	Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2370877	Issue Tracking
https://github.com/libarchive/libarchive/pull/2584
https://github.com/libarchive/libarchive/releases/tag/v3.8.0

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Red Hat Search vendor "Red Hat"		Enterprise Linux Search vendor "Red Hat" for product "Enterprise Linux"				*		-		Affected
Redhat Search vendor "Redhat"		Openshift Search vendor "Redhat" for product "Openshift"				*		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				*		-		Affected