CVE-2025-25724
Published: 02 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-25724 is a vulnerability in the list_item_verbose function within tar/util.c of libarchive through version 3.7.7. The issue stems from a failure to check the return value of strftime, which can result in a denial of service or unspecified other impact when processing a crafted TAR archive using verbose output level 2. For example, a custom locale may cause the formatted time string to exceed the 100-byte buffer allocated for the operation.
Exploitation requires local access (AV:L) with high attack complexity (AC:H), no privileges (PR:N), and no user interaction (UI:N), as indicated by the CVSS v3.1 base score of 4.0 (C:N/I:L/A:L/S:U). A local attacker can thus trigger low-impact integrity and availability effects, such as denial of service, through a malicious TAR file.
Proof-of-concept code demonstrating the issue is available at https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 and https://github.com/Ekkosun/pocs/blob/main/bsdtarbug. The vulnerable source code lines are visible in the libarchive repository at https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752.
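As an added illustration (not libarchive's code, and not taken from the linked proof of concept), the following C example contrasts the unchecked-strftime pattern the advisory describes with a version that checks the return value. The 100-byte buffer size matches the advisory; the function names, the format strings and the fallback behaviour are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Fixed-size buffer, matching the 100-byte allocation the advisory describes. */
#define TIMEBUF_LEN 100

/* Defective pattern (illustrative, not libarchive's code): the return value of
 * strftime is ignored. When the expansion does not fit in outlen bytes, strftime
 * returns 0 and the buffer contents are unspecified (possibly not even
 * NUL-terminated), yet a caller that ignores the result goes on to use them. */
static void format_time_unchecked(char *out, size_t outlen, const char *fmt,
                                  const struct tm *tmv)
{
    (void)strftime(out, outlen, fmt, tmv);  /* return value dropped */
}

/* Corrected pattern: check the return value. Returns 1 on success and 0 if
 * strftime could not produce a non-empty result that fits; on failure the
 * buffer holds a well-defined fallback (the raw epoch value) instead of
 * unspecified bytes. gmtime (not gmtime_r) is used to stay within ISO C. */
int format_time_checked(char *out, size_t outlen, const char *fmt, time_t t)
{
    struct tm *tmv = gmtime(&t);
    if (tmv == NULL) {
        snprintf(out, outlen, "%lld", (long long)t);
        return 0;
    }
    size_t n = strftime(out, outlen, fmt, tmv);
    if (n == 0) {
        /* Either the result did not fit in outlen bytes or fmt expanded to the
         * empty string; both cases are treated as failure so the caller never
         * consumes unspecified buffer contents. */
        snprintf(out, outlen, "%lld", (long long)t);
        return 0;
    }
    return 1;
}

int main(void)
{
    char buf[TIMEBUF_LEN];
    /* Constructed format that expands to 120 bytes, i.e. more than the buffer. */
    char longfmt[256] = "";
    for (int i = 0; i < 30; i++)
        strcat(longfmt, "%Y");

    time_t t = 0;

    /* Unchecked variant: the buffer may be truncated or unterminated, so it is
     * printed with a bounded width rather than as a C string. */
    memset(buf, 0, sizeof buf);
    format_time_unchecked(buf, sizeof buf, longfmt, gmtime(&t));
    printf("unchecked: \"%.*s\" (contents unspecified after failure)\n",
           (int)sizeof buf, buf);

    /* Checked variant: failure is reported and the buffer is well-defined. */
    int ok = format_time_checked(buf, sizeof buf, longfmt, t);
    printf("checked (oversized format): ok=%d buf=\"%s\"\n", ok, buf);
    ok = format_time_checked(buf, sizeof buf, "%Y-%m-%d %H:%M:%S", t);
    printf("checked (normal format):    ok=%d buf=\"%s\"\n", ok, buf);
    return 0;
}
```

The defensive point is that strftime signals "did not fit" only through its return value; a caller that discards it cannot distinguish a valid timestamp from an overflowed one, which is the class of defect the advisory attributes to list_item_verbose.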
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability in libarchive's TAR processing lets a local attacker cause a denial of service with a crafted archive by exploiting an application flaw, which maps directly to T1499.004 (Application or System Exploitation).