CVE Details
Basic Information
| Title | Libarchive: reading past eof may be triggered for piped file streams |
|---|---|
| Type | cve |
| Published | 2025-06-09T19:49:13.544Z |
| Last Seen |
Product Information
| Vendor | Red Hat |
|---|---|
| Product | Red Hat Enterprise Linux 10 |
| Version |
CVSS Information
| Base Score | 3.9 (LOW) |
|---|---|
| Attack Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in the libarchive library allows reading past the end of a file when using piped streams with bsdtar, potentially causing memory corruption or a denial-of-service condition. |
|---|---|
| AI Severity | Low |
| Vendor | libarchive project |
| Product | libarchive library |
| Affected Version |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-125 |
| Bulletin Family |
References
Description
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.