libarchive: fix CVE-2025-5914 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-07-02 12:21:30 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-07-09 08:43:32 -0700
commit	28f102461ab6faafddd10448f136a55bb41d140f (patch)
tree	3eb8b79ad6c975c2c206ebeef120588547f9068a /documentation/dev-manual/python-development-shell.rst
parent	7bb9c2255b3aed8441fba1133f350b223a3b6379 (diff)
download	poky-28f102461ab6faafddd10448f136a55bb41d140f.tar.gz

libarchive: fix CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archiv e_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultim ately lead to a double-free condition. Exploiting a double-free vulnerability can result in m emory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-5914 Upstream-patch: https://github.com/libarchive/libarchive/commit/09685126fcec664e2b8ca595e1fc371bd494d209 (From OE-Core rev: b7d8249bda296620a5bbf592f4cdf566b4537563) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/dev-manual/python-development-shell.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: