Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2025-5916

3.9 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): LOW

created 6 months, 1 week ago

Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.

References

https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry
RHBZ#2370872 issue-tracking x_refsource_REDHAT
RHBZ#2370872 issue-tracking x_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2568
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
https://access.redhat.com/security/cve/CVE-2025-5916 x_refsource_REDHAT vdb-entry

Affected products

rhcos

libarchive

<3.8.0

Matching in nixpkgs

pkgs.libarchive

Multi-format archive and compression library

nixos-unstable -
- nixpkgs-unstable 3.8.1

pkgs.libarchive-qt

Qt based archiving solution with libarchive backend

nixos-unstable -
- nixpkgs-unstable 2.0.8

pkgs.haskellPackages.libarchive

Haskell interface to libarchive

nixos-unstable -
- nixpkgs-unstable 3.0.4.2

pkgs.kodiPackages.vfs-libarchive

LibArchive Virtual Filesystem add-on for Kodi

nixos-unstable -
- nixpkgs-unstable 20.1.0

pkgs.python312Packages.libarchive-c

Python interface to libarchive

nixos-unstable -
- nixpkgs-unstable 5.3

pkgs.python313Packages.libarchive-c

Python interface to libarchive

nixos-unstable -
- nixpkgs-unstable 5.3

pkgs.haskellPackages.archive-libarchive

Common interface using libarchive

nixos-unstable -
- nixpkgs-unstable 1.0.0.1

pkgs.haskellPackages.libarchive-conduit

Read many archive formats with libarchive and conduit

nixos-unstable -
- nixpkgs-unstable 0.1.0.0

pkgs.python312Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable -
- nixpkgs-unstable 21.5.31

pkgs.python313Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable -
- nixpkgs-unstable 21.5.31

Package maintainers

@peterhoeg Peter Hoeg <peter@hoeg.com>
@dschrempf Dominik Schrempf <dominik.schrempf@gmail.com>
@minijackson Rémi Nicole <minijackson@riseup.net>
@cpages Carles Pagès <page@ruiec.cat>
@aanderse Aaron Andersen <aaron@fosslib.net>
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
@nvmd Sergey Kazenyuk <kazenyuk@pm.me>
@jcumming Jack Cummings <jack@mudshark.org>