FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Integer overflow in libarchive leading to double free

Affected packages
14.3 <= FreeBSD < 14.3_2
14.2 <= FreeBSD < 14.2_5
13.5 <= FreeBSD < 13.5_3

Details

VuXML ID 66f35fd9-73f5-11f0-8e0e-002590c1f29c
Discovery 2025-08-08
Entry 2025-08-08

Problem Description:

An integer overflow in the archive_read_format_rar_seek_data() function may lead to a double free problem.

Impact:

Exploiting a double free vulnerability can cause memory corruption. This in turn could enable a threat actor to execute arbitrary code. It might also result in denial of service.

References

CVE Name CVE-2025-5914
FreeBSD Advisory SA-25:07.libarchive

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.