DEBIAN-CVE-2025-53816

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2025-53816
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-53816
Upstream
Published
2025-07-17T19:15:25.170Z
Modified
2025-11-20T10:18:24.898099Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

References

Affected packages

Debian:13 / 7zip-rar

Package

Name
7zip-rar
Purl
pkg:deb/debian/7zip-rar?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25.00+ds-1

Affected versions

22.*

22.01-1

23.*

23.01-1
23.01-2
23.01-3
23.01-4

24.*

24.05+ds-1
24.05+ds-2
24.06+ds-1
24.07+ds-1
24.08+ds-1
24.09+ds-1
24.09+ds-2
24.09+ds-3~bpo12+1
24.09+ds-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json"

Debian:14 / 7zip-rar

Package

Name
7zip-rar
Purl
pkg:deb/debian/7zip-rar?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25.00+ds-1

Affected versions

22.*

22.01-1

23.*

23.01-1
23.01-2
23.01-3
23.01-4

24.*

24.05+ds-1
24.05+ds-2
24.06+ds-1
24.07+ds-1
24.08+ds-1
24.09+ds-1
24.09+ds-2
24.09+ds-3~bpo12+1
24.09+ds-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json"

Debian:11 / p7zip-rar

Package

Name
p7zip-rar
Purl
pkg:deb/debian/p7zip-rar?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.44-1
4.44.ds.1-1
4.45~ds.1-1
4.47~ds.1-1
4.51~ds.1-1
4.55~ds.1-1
4.55~ds.1-2
4.57~ds.1-1
4.58~ds.1-1
4.61~ds.1-1
4.65~ds.1-1

9.*

9.04~ds.1-1
9.20.1~ds.1-1
9.20.1~ds.1-2
9.20.1~ds.1-3
9.20.1~ds.1-4

15.*

15.09-1
15.09-2
15.14.1-1

16.*

16.02-1
16.02-2
16.02-3
16.02+transitional.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json"

Debian:12 / p7zip-rar

Package

Name
p7zip-rar
Purl
pkg:deb/debian/p7zip-rar?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.44-1
4.44.ds.1-1
4.45~ds.1-1
4.47~ds.1-1
4.51~ds.1-1
4.55~ds.1-1
4.55~ds.1-2
4.57~ds.1-1
4.58~ds.1-1
4.61~ds.1-1
4.65~ds.1-1

9.*

9.04~ds.1-1
9.20.1~ds.1-1
9.20.1~ds.1-2
9.20.1~ds.1-3
9.20.1~ds.1-4

15.*

15.09-1
15.09-2
15.14.1-1

16.*

16.02-1
16.02-2
16.02-3
16.02+transitional.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json"

Debian:13 / p7zip-rar

Package

Name
p7zip-rar
Purl
pkg:deb/debian/p7zip-rar?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.02+transitional.1

Affected versions

4.*

4.44-1
4.44.ds.1-1
4.45~ds.1-1
4.47~ds.1-1
4.51~ds.1-1
4.55~ds.1-1
4.55~ds.1-2
4.57~ds.1-1
4.58~ds.1-1
4.61~ds.1-1
4.65~ds.1-1

9.*

9.04~ds.1-1
9.20.1~ds.1-1
9.20.1~ds.1-2
9.20.1~ds.1-3
9.20.1~ds.1-4

15.*

15.09-1
15.09-2
15.14.1-1

16.*

16.02-1
16.02-2
16.02-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-53816.json"