VYPR

rpm package

almalinux/libarchive-devel

pkg:rpm/almalinux/libarchive-devel

Vulnerabilities (11)

  • CVE-2026-5121  Severity: High  Published: Mar 30, 2026
    affected: < 3.5.3-9.el9_7; fixed: 3.5.3-9.el9_7

    A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potent

  • CVE-2026-4424  Severity: High  Published: Mar 19, 2026
    affected: < 3.7.7-8.el10_1; fixed: 3.7.7-8.el10_1

    A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specia

  • CVE-2026-4111  Severity: High  Published: Mar 13, 2026
    affected: < 3.7.7-5.el10_1; fixed: 3.7.7-5.el10_1

    A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forw

  • CVE-2025-5914  Published: Jun 9, 2025
    affected: < 3.5.3-6.el9_6; fixed: 3.5.3-6.el9_6

    A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in me

  • CVE-2025-25724  Published: Mar 2, 2025
    affected: < 3.7.7-3.el10_0; fixed: 3.7.7-3.el10_0

    list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be suf

  • CVE-2024-57970  Severity: Medium  Published: Feb 16, 2025
    affected: < 3.7.7-2.el10_0; fixed: 3.7.7-2.el10_0

    libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.

  • CVE-2022-36227  Published: Nov 22, 2022
    affected: < 3.5.3-4.el9; fixed: 3.5.3-4.el9

    In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties disp

  • CVE-2021-31566  Published: Aug 23, 2022
    affected: < 3.3.3-3.el8_5; fixed: 3.3.3-3.el8_5

    An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extr

  • CVE-2021-23177  Published: Aug 23, 2022
    affected: < 3.3.3-3.el8_5; fixed: 3.3.3-3.el8_5

    An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacke

  • CVE-2022-26280  Published: Mar 28, 2022
    affected: < 3.5.3-2.el9_0; fixed: 3.5.3-2.el9_0

    Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.

  • CVE-2019-19221  Published: Nov 21, 2019
    affected: < 3.3.2-9.el8; fixed: 3.3.2-9.el8

    In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.