CVE-2025-53816
BaseFortify
Publication date: 2025-07-17
Last updated on: 2025-11-04
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| 7-zip | 7-zip | < 25.00 (25.00 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-53816 is a denial of service vulnerability caused by a heap-based buffer overflow in the RAR5 decoder component of 7-Zip. The flaw occurs because the code incorrectly calculates the number of bytes to zero out when repairing corrupted archive data, leading to zeroes being written outside the allocated heap buffer. This memory corruption causes crashes when extracting specially crafted RAR5 archives. The issue arises from improper bounds checking in the zero-filling logic of the decoder. [1]
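The bounds problem the answer describes, as an added illustration written for this page (it is not 7-Zip's RAR5 decoder code): a hypothetical decoder window whose zero-fill step trusts a length field read from the archive, beside a version that clamps the length to the space remaining, with a canary region placed after the heap buffer to stand in for the redzone AddressSanitizer would check. The structure, function names, sizes and scenario values are all constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_BYTES 16     /* canary region after the window; stands in for an ASAN redzone */
#define GUARD_VALUE 0xA5

/* Hypothetical decoder window (constructed; not 7-Zip's data structure). */
typedef struct {
    uint8_t *buf;
    size_t   size;  /* bytes allocated for decoded data */
    size_t   pos;   /* next write position; invariant: pos <= size */
} window_t;

/* Length a careless decoder would zero: the count from the archive is
 * trusted as-is, so a corrupted value can exceed the room left. */
size_t zero_fill_len_unchecked(const window_t *w, size_t requested) {
    (void)w;
    return requested;
}

/* Hardened length: clamp to the bytes that remain in the window. */
size_t zero_fill_len_checked(const window_t *w, size_t requested) {
    size_t remaining = (w->pos <= w->size) ? w->size - w->pos : 0;
    return requested < remaining ? requested : remaining;
}

/* Zero-fill with the clamped length. Returns the bytes written and reports
 * whether the request was cut short, which the caller should treat as a
 * corrupt archive rather than silently continuing. */
size_t zero_fill_safe(window_t *w, size_t requested, bool *truncated) {
    size_t n = zero_fill_len_checked(w, requested);
    *truncated = (n != requested);
    memset(w->buf + w->pos, 0, n);
    w->pos += n;
    return n;
}

/* Run one scenario on a heap window with a guard region behind it.
 * Returns the bytes zeroed; *guard_intact says whether the canary survived,
 * i.e. whether every write stayed inside the allocation. */
size_t run_scenario(size_t size, size_t pos, size_t requested,
                    bool *truncated, bool *guard_intact) {
    uint8_t *mem = malloc(size + GUARD_BYTES);
    if (!mem) { *truncated = false; *guard_intact = false; return 0; }
    memset(mem, 0xFF, size);                      /* placeholder decoded data */
    memset(mem + size, GUARD_VALUE, GUARD_BYTES); /* canary after the window */
    window_t w = { mem, size, pos };
    size_t n = zero_fill_safe(&w, requested, truncated);
    *guard_intact = true;
    for (size_t i = 0; i < GUARD_BYTES; i++)
        if (mem[size + i] != GUARD_VALUE) *guard_intact = false;
    free(mem);
    return n;
}

/* Scalar wrappers so the scenario can be checked value by value. */
size_t demo_unchecked_len(size_t size, size_t pos, size_t requested) {
    window_t w = { NULL, size, pos };
    return zero_fill_len_unchecked(&w, requested);
}
size_t demo_checked_len(size_t size, size_t pos, size_t requested) {
    window_t w = { NULL, size, pos };
    return zero_fill_len_checked(&w, requested);
}
int demo_fill_truncated(size_t size, size_t pos, size_t requested) {
    bool t, g; run_scenario(size, pos, requested, &t, &g); return t ? 1 : 0;
}
int demo_guard_intact(size_t size, size_t pos, size_t requested) {
    bool t, g; run_scenario(size, pos, requested, &t, &g); return g ? 1 : 0;
}

int main(void) {
    /* Constructed scenario: a 64-byte window with 60 bytes already written,
     * and a corrupted length field asking for 16 zero bytes (only 4 fit). */
    bool truncated, guard_ok;
    size_t n = run_scenario(64, 60, 16, &truncated, &guard_ok);
    printf("unchecked length would write %zu bytes from position 60 of 64\n",
           demo_unchecked_len(64, 60, 16));
    printf("checked fill wrote %zu bytes, truncated=%d, guard intact=%d\n",
           n, truncated, guard_ok);
    return 0;
}
```

The clamp in `zero_fill_len_checked` is the whole fix for this bug class: the length that drives `memset` must be derived from the buffer's remaining capacity, never from archive-controlled data alone, and a truncated request should be surfaced as an error so a corrupt archive fails closed instead of being partially "repaired".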
How can this vulnerability impact me?
This vulnerability can cause 7-Zip to crash or become unavailable when processing maliciously crafted RAR5 archives, resulting in a denial of service. It does not allow arbitrary code execution, so the impact is limited to service disruption rather than full system compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to extract a crafted RAR5 archive that triggers the heap buffer overflow in vulnerable versions of 7-Zip prior to 25.0.0. Using 7-Zip compiled with AddressSanitizer (ASAN) can help detect the heap-buffer-overflow error during extraction. There are no specific network detection commands provided. A practical detection method is to run 7-Zip extraction on suspicious RAR5 archives and observe for crashes or ASAN errors. Example command to test extraction on a suspicious archive: `7z x suspicious.rar` (using a vulnerable 7-Zip version). [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade 7-Zip to version 25.0.0 or later, which contains the fix for this vulnerability. Avoid extracting untrusted or suspicious RAR5 archives with vulnerable versions of 7-Zip. If upgrading is not immediately possible, consider restricting the use of 7-Zip for RAR5 archives or using alternative extraction tools that are not affected. [1]