Unrated severity · NVD Advisory · Published Nov 5, 2025 · Updated Nov 5, 2025
CVE-2025-60753
Description
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
Affected products (17)
- libarchive/bsdtar (source: description)
- Range: <3.8.1
- osv-coords (15 versions)
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 (no CPE), range: < 3.7.2-150600.3.20.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 (no CPE), range: < 3.7.2-150600.3.20.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS (no CPE), range: < 3.7.2-150600.3.20.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 (no CPE), range: < 3.5.1-150400.3.24.1
  - pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6 (no CPE), range: < 3.7.2-150600.3.20.1