CVE-2025-5914

High CVSS 7.3

Overview

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

CWE: CWE-415 Published: 2025-06-09T20:15:26.123

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.3 (HIGH)
Detected tags: int_overflow, mem_corruption, rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags