Acknowledged
Created: Jun 10, 2025
Updated: Jul 2, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-
one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-
byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, lea
ding to unpredictable program behavior, crashes, or in specific circumstances, could be lever
aged as a building block for more sophisticated exploitation.
CREATE(Triage):(User=lchen-cn) CVE-2025-5917 (https://nvd.nist.gov/vuln/detail/CVE-2025-5917)
