libarchive-3.1.2-14.0.1.el7.AXS7

エラータID: AXSA:2025-10515:01

リリース日: 
2025/07/17 Thursday - 20:18
題名: 
libarchive-3.1.2-14.0.1.el7.AXS7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Libarchive is a programming library that can create and read several different
streaming archive formats, including most popular tar variants, several cpio
formats, and both BSD and GNU ar variants. It can also write shar archives and
read ISO9660 CDROM images and ZIP archives.

Security Fix(es):

* CVE-2025-5914: fix double free with over 4 billion nodes

CVE(s):
CVE-2025-5914
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

解決策: 

Update packages.

CVE: 
CVE-2025-5914
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
追加情報: 

N/A

ダウンロード: 

Asianux Server 7 for x86_64
  1. libarchive-3.1.2-14.0.1.el7.AXS7.i686.rpm
    MD5: 9a584b96b743a09a010afae8e6ccdb5d
    SHA-256: e4523593bb94c64487084c1de123599468195e37cca81f554d480456f60c0ce2
    Size: 335.32 kB
  2. libarchive-3.1.2-14.0.1.el7.AXS7.x86_64.rpm
    MD5: 00aaf2087332138dd6d9b4b5f40a77e0
    SHA-256: 5d6dd961454e221a2692b92a3afd61167d291c71bc7103fa1b7c3597ece80d82
    Size: 318.50 kB
  3. libarchive-devel-3.1.2-14.0.1.el7.AXS7.x86_64.rpm
    MD5: ac41f9a29332ba4d9be91cae2fb4bc61
    SHA-256: 48dbe15c0490297f27d873b9e7801194c6b4b477756665b702914714926607ef
    Size: 114.18 kB