CVE-2025-60753
EUVD-2025-3790005.11.2025, 16:15
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libarchive | libarchive | 𝑥 ≤ 3.8.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libarchive |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bsdtar |
| ||||||||||||||||||
| libarchive-devel |
| ||||||||||||||||||
| libarchive13 |
|
Azure Linux Releases