CLSA-2025-1764778336

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1764778336.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1764778336
Upstream
Published
2025-12-03T16:12:19Z
Modified
2026-06-01T00:33:14.131107716Z
Summary
libarchive: Fix of 2 CVEs
Details
  • CVE-2025-5917: fix overflow in buildustarentry
  • CVE-2025-5918: do not skip past EOF while reading
References

Affected packages

TuxCare:OracleLinux:7 / bsdcpio

Package

Name
bsdcpio
Purl
pkg:rpm/tuxcare/bsdcpio?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.2-14.el7_7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1764778336.json"

TuxCare:OracleLinux:7 / bsdtar

Package

Name
bsdtar
Purl
pkg:rpm/tuxcare/bsdtar?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.2-14.el7_7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1764778336.json"

TuxCare:OracleLinux:7 / libarchive

Package

Name
libarchive
Purl
pkg:rpm/tuxcare/libarchive?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.2-14.el7_7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1764778336.json"

TuxCare:OracleLinux:7 / libarchive-devel

Package

Name
libarchive-devel
Purl
pkg:rpm/tuxcare/libarchive-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.2-14.el7_7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1764778336.json"