CVE Details
Basic Information
| Title | Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c |
|---|---|
| Type | cve |
| Published | 2025-06-09T19:49:07.620Z |
| Last Seen |
Product Information
| Vendor | Red Hat |
|---|---|
| Product | Red Hat Enterprise Linux 10 |
| Version |
CVSS Information
| Base Score | 3.9 (LOW) |
|---|---|
| Attack Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in libarchive allows integer overflow when processing large WARC files, potentially causing memory corruption or denial-of-service. |
|---|---|
| AI Severity | Medium |
| Vendor | Red Hat |
| Product | libarchive |
| Affected Version | Unspecified |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-190 |
| Bulletin Family |
References
Description
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX – 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.