CVE-2024-48958

libarchive: Out-of-bounds access in libarchive's RAR file handling

Description

execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.

INFO

Published Date :

2024-10-10T00:00:00.000Z

Last Modified :

2025-11-03T20:41:07.588Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2024-48958 vulnerability.

Vendors	Products
Libarchive	Libarchive

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-48958.

URL	Resource
http://seclists.org/fulldisclosure/2025/Apr/11
http://seclists.org/fulldisclosure/2025/Apr/12
http://seclists.org/fulldisclosure/2025/Apr/13
http://seclists.org/fulldisclosure/2025/Apr/4
http://seclists.org/fulldisclosure/2025/Apr/8
https://github.com/libarchive/libarchive/compare/v3.7.4...v3.7.5
https://github.com/libarchive/libarchive/pull/2148
https://github.com/terrynini/CVE-Reports/tree/main/CVE-2024-48958
https://nvd.nist.gov/vuln/detail/CVE-2024-48958
https://www.cve.org/CVERecord?id=CVE-2024-48958

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact