libarchive-3.1.2-14.0.1.el7.AXS7
エラータID: AXSA:2025-10515:01
リリース日:
2025/07/17 Thursday - 20:18
題名:
libarchive-3.1.2-14.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- libarchive には、メモリの二重解放の問題があるため、ローカルの
攻撃者により、メモリ破壊、任意のコードの実行、およびサービス拒否
攻撃を可能とする脆弱性が存在します。(CVE-2025-5914)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-5914
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- libarchive-3.1.2-14.0.1.el7.AXS7.i686.rpm
MD5: 9a584b96b743a09a010afae8e6ccdb5d
SHA-256: e4523593bb94c64487084c1de123599468195e37cca81f554d480456f60c0ce2
Size: 335.32 kB - libarchive-3.1.2-14.0.1.el7.AXS7.x86_64.rpm
MD5: 00aaf2087332138dd6d9b4b5f40a77e0
SHA-256: 5d6dd961454e221a2692b92a3afd61167d291c71bc7103fa1b7c3597ece80d82
Size: 318.50 kB - libarchive-devel-3.1.2-14.0.1.el7.AXS7.x86_64.rpm
MD5: ac41f9a29332ba4d9be91cae2fb4bc61
SHA-256: 48dbe15c0490297f27d873b9e7801194c6b4b477756665b702914714926607ef
Size: 114.18 kB