CVE-2025-5915

Published Jun 9, 2025

Last updated a month ago

CVSS low 3.9

Overview

Description
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
3.9
Impact score
2.5
Exploitability score
1.3
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
Severity
LOW

Weaknesses

secalert@redhat.com
CWE-122

Social media

Hype score
Not currently trending

  1. CVE-2025-5915 A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the… https://t.co/DdwZ4xXJ0K

    @CVEnew

    9 Jun 2025

    398 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.