DEBIAN-CVE-2025-53816

DEBIAN-CVE-2025-53816 PUBLISHED CVSS 7.5 HIGH

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	7zip-rar	0, 23.01-1, 22.01-1
Debian:12	p7zip-rar	15.09-1, 15.09-2, 15.14.1-1
Debian:11	p7zip-rar	*, 0, 15.09-1
Debian:14	7zip-rar	24.09+ds, 24.09+ds, 24.09+ds
Debian:13	p7zip-rar	0, 15.09-1, 15.09-2

Timeline

Jul 17, 2025 CVE Published
May 16, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-53816 advisory

Open in Interactive Console →