Lucene search
K

EulerOS Virtualization 2.10.0 : libarchive (EulerOS-SA-2026-1176)

🗓️ 31 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 6 Views

Libarchive in EulerOS has flaws causing memory corruption, crashes, denial of service, or code execution.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues
28 Aug 202521:17
ibm
IBM Security Bulletins
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
6 Aug 202516:37
ibm
IBM Security Bulletins
Security Bulletin: Watsonx BI is affected by the use of Insufficiently Random Values causing a vulnerability in form-data allowing HTTP Parameter Pollution (HPP)
17 Sep 202517:29
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
17 Dec 202511:25
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager
10 Oct 202514:29
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
26 May 202606:40
ibm
IBM Security Bulletins
Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities
31 Jul 202514:17
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues
7 Nov 202516:42
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images
23 Jul 202517:22
ibm
FreeBSD
FreeBSD -- Integer overflow in libarchive leading to double free
8 Aug 202500:00
freebsd
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(297320);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/30");

  script_cve_id(
    "CVE-2025-5914",
    "CVE-2025-5916",
    "CVE-2025-5917",
    "CVE-2025-5918",
    "CVE-2025-25724"
  );
  script_xref(name:"IAVA", value:"2024-A-0834-S");
  script_xref(name:"IAVA", value:"2025-A-0551-S");

  script_name(english:"EulerOS Virtualization 2.10.0 : libarchive (EulerOS-SA-2026-1176)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote
host is affected by the following vulnerabilities :

    A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one'
    miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write
    overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable
    program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more
    sophisticated exploitation.(CVE-2025-5917)

    A vulnerability has been identified in the libarchive library, specifically within the
    archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately
    lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption,
    enabling an attacker to execute arbitrary code or cause a denial-of-service condition.(CVE-2025-5914)

    A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that
    can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4
    content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially
    leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within
    applications that process such archives using libarchive.(CVE-2025-5916)

    A vulnerability has been identified in the libarchive library. This flaw can be triggered when file
    streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-
    bounds read can lead to unintended consequences, including unpredictable program behavior, memory
    corruption, or a denial-of-service condition.(CVE-2025-5918)

    list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which
    can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a
    verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom
    locale.(CVE-2025-25724)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization libarchive security
advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2026-1176
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a4e8c710");
  script_set_attribute(attribute:"solution", value:
"Update the affected libarchive packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-5914");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/12/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/01/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/31");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libarchive");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.10.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.10.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.10.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "x86" >!< cpu) audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

var flag = 0;

var pkgs = [
  "libarchive-3.4.3-2.h9.eulerosv2r10"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libarchive");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation