vulnerability
Red Hat: CVE-2025-5918: libarchive: Reading past EOF may be triggered for piped file streams
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:L/AC:M/Au:S/C:P/I:N/A:P) | Jun 9, 2025 | Jul 9, 2025 | Jul 10, 2025 |
Severity
3
CVSS
(AV:L/AC:M/Au:S/C:P/I:N/A:P)
Published
Jun 9, 2025
Added
Jul 9, 2025
Modified
Jul 10, 2025
Description
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.
Solution
no-fix-redhat-rpm-package
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.