Cyber Resilience

CVE-2025-5914

HighPublic PoC

Published: 09 June 2025

Published
09 June 2025
Modified
05 February 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0011 29.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-5914 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Redhat Enterprise Linux. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 29.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker…

more

to execute arbitrary code or cause a denial-of-service condition.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1499 Endpoint Denial of Service Impact
Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users.
Why these techniques?

The integer overflow in libarchive's RAR processing leads to double-free, enabling memory corruption for arbitrary code execution (T1203: Exploitation for Client Execution via malicious RAR files) or denial-of-service (T1499: Endpoint Denial of Service via crash).

Affected Assets

libarchive
libarchive
≤ 3.8.0
redhat
openshift container platform
4.0
redhat
enterprise linux
10.0, 6.0, 7.0, 8.0, 9.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References