CVE-2025-5916
BaseFortify

Publication date: 2025-06-09

Last updated on: 2025-12-12

Assigner: Red Hat, Inc.

Description
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.
Meta Information
Published: 2025-06-09
Last Modified: 2025-12-12
Generated: 2026-05-07
AI Q&A: 2025-06-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 7 associated CPEs
Vendor       Product                        Version / Range
libarchive   libarchive                     < 3.8.0 (3.8.0 excluded)
redhat       openshift_container_platform   4.0
redhat       enterprise_linux               6.0
redhat       enterprise_linux               7.0
redhat       enterprise_linux               9.0
redhat       enterprise_linux               10.0
redhat       enterprise_linux               8.0
CWE-190: The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-5916 is an integer overflow vulnerability in the libarchive library when processing WARC (Web Archive) files. If a WARC file claims to have more than INT64_MAX - 4 content bytes, this can trigger an overflow during parsing. This overflow can cause incorrect memory allocation or buffer handling, leading to unpredictable program behavior, memory corruption, or crashes. The vulnerability arises because the parser fails to properly skip these oversized content bytes, potentially misinterpreting subsequent data as new file entries. [1, 2]


How can this vulnerability impact me?

This vulnerability can lead to unpredictable program behavior such as crashes or denial-of-service conditions in applications that use libarchive to process WARC files. It may also cause memory corruption, which could be exploited to compromise the security or stability of the affected system. The impact is generally low severity but can disrupt normal operation of software relying on libarchive for archive processing. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if your system is using a vulnerable version of libarchive prior to 3.8.0, especially if your applications process WARC files. There are no specific detection commands provided in the resources. However, you can check the installed libarchive version using commands like `libarchive --version` or `dpkg -l | grep libarchive` on Linux systems. Additionally, monitoring for crashes or unusual behavior when processing WARC files may indicate exploitation attempts. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade libarchive to version 3.8.0 or later, where the vulnerability has been fixed. This update includes patches that prevent the integer overflow by adding checks on WARC content sizes. Avoid processing untrusted or suspicious WARC files until the update is applied. [2, 3]
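The description and the mitigation answer above both come down to one arithmetic check: a WARC record that declares more than INT64_MAX - 4 content bytes must be rejected before the parser adds 4 to that length, because the sum no longer fits in a signed 64-bit integer. The following C program is an added example written for this page, not libarchive's own WARC reader. It parses a constructed record header, extracts the declared Content-Length, and refuses any value for which the addition would wrap. The field name `Content-Length`, the fixed trailer length of 4, and the status codes are assumptions of this example; the page only states that the overflow requires more than INT64_MAX - 4 declared content bytes.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Status codes returned by the parsing functions (example convention). */
enum { WARC_OK = 0, WARC_BAD_HEADER = -1, WARC_LEN_OVERFLOW = -2 };

/* The page states the overflow is reachable when a record claims more than
 * INT64_MAX - 4 content bytes, i.e. the parser adds 4 to the declared length.
 * Treating that 4 as a fixed per-record trailer is an assumption of this
 * example, not a fact taken from libarchive's source. */
#define WARC_TRAILER_LEN 4

/* Extract the Content-Length value from a WARC record header block.
 * Rejects a missing field, non-numeric, negative or trailing-garbage values,
 * and values that do not fit in int64_t (strtoll reports ERANGE). */
static int parse_content_length(const char *header, int64_t *out)
{
    const char *p = strstr(header, "Content-Length:");
    if (p == NULL)
        return WARC_BAD_HEADER;
    p += strlen("Content-Length:");
    while (*p == ' ' || *p == '\t')
        p++;
    char *end = NULL;
    errno = 0;
    long long v = strtoll(p, &end, 10);
    if (errno == ERANGE || end == p || v < 0)
        return WARC_BAD_HEADER;
    if (*end != '\r' && *end != '\n' && *end != '\0')
        return WARC_BAD_HEADER;   /* digits followed by something unexpected */
    *out = (int64_t)v;
    return WARC_OK;
}

/* Number of bytes to skip to reach the next record: declared content plus
 * the trailer. The check runs before the addition; computing
 * content_len + WARC_TRAILER_LEN on a value above INT64_MAX - 4 would be
 * signed overflow (undefined behaviour in C, in practice a negative skip
 * count that leaves the reader inside the record, which is the misparse the
 * description above warns about). */
static int warc_skip_length(const char *header, int64_t *skip_out)
{
    int64_t content_len;
    int rc = parse_content_length(header, &content_len);
    if (rc != WARC_OK)
        return rc;
    if (content_len > INT64_MAX - WARC_TRAILER_LEN)
        return WARC_LEN_OVERFLOW;   /* would wrap: reject the record */
    *skip_out = content_len + WARC_TRAILER_LEN;
    return WARC_OK;
}

/* Convenience wrapper: returns the skip length on success, otherwise the
 * (negative) status code. */
static int64_t skip_length_or_status(const char *header)
{
    int64_t skip = 0;
    int rc = warc_skip_length(header, &skip);
    return rc == WARC_OK ? skip : (int64_t)rc;
}

int main(void)
{
    /* Constructed sample headers for this example, not real archive data. */
    const char *samples[] = {
        "WARC/1.0\r\nWARC-Type: response\r\nContent-Length: 1234\r\n\r\n",
        "WARC/1.0\r\nContent-Length: 9223372036854775803\r\n\r\n", /* INT64_MAX - 4: largest accepted */
        "WARC/1.0\r\nContent-Length: 9223372036854775807\r\n\r\n", /* INT64_MAX: rejected */
        "WARC/1.0\r\nContent-Length: 99999999999999999999\r\n\r\n", /* does not fit int64_t */
        "WARC/1.0\r\nContent-Length: -5\r\n\r\n",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int64_t r = skip_length_or_status(samples[i]);
        if (r >= 0)
            printf("sample %zu: skip %lld bytes\n", i, (long long)r);
        else
            printf("sample %zu: rejected (%s)\n", i,
                   r == WARC_LEN_OVERFLOW ? "length overflow" : "bad header");
    }
    return 0;
}
```

The second sample is the boundary case: INT64_MAX - 4 is the largest declared length the check accepts, and its skip count is exactly INT64_MAX. Anything larger is rejected before the addition is performed, so no undefined signed overflow can occur regardless of what the archive claims.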

