A significant security flaw has been identified in 7-Zip, a widely used open-source file archiver, which lets attackers crash the application with specially crafted RAR5 archive files. This vulnerability, tracked as CVE-2025-53816 and GHSL-2025-058, affects all 7-Zip versions prior to 25.00.
Technical Details
The vulnerability arises from a heap-based buffer overflow within 7-Zip’s RAR5 decoder. Specifically, the issue is located in the `NCompress::NRar5::CDecoder` component, where the software attempts to recover from corrupted archive data by filling damaged sections with zeros. A miscalculation in the `rem` value during this process allows attackers to write zeros beyond the allocated heap buffer, potentially corrupting adjacent memory regions and causing application crashes.
Potential Impact
While this flaw is unlikely to lead to arbitrary code execution, it poses a significant risk for denial-of-service attacks. Attackers can exploit this vulnerability to crash 7-Zip processes, disrupting automated file processing systems or user workflows. Given 7-Zip’s extensive use in both personal and enterprise environments, the potential impact is considerable.
Mitigation Measures
To address this vulnerability, users are strongly advised to upgrade to 7-Zip version 25.00 or later. Since 7-Zip lacks an automatic update feature, users must manually download and install the latest version from the official website. Organizations handling untrusted archive files should implement additional security measures, such as restricting access to potentially malicious files and monitoring systems for unusual activity.
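Because upgrades are manual, installed copies have to be found by inventory. The following is an added example, not code from the 7-Zip project: it parses the banner line printed by the 7-Zip command-line tools and flags anything older than 25.00. The banner shapes, the binary names `7z`, `7zz`, `7za` and `7zr`, and the sample lines are assumptions constructed for illustration.

```python
import re
import shutil
import subprocess

FIXED = (25, 0)  # first fixed release named in the advisory: 7-Zip 25.00
# Assumed banner shapes: "7-Zip 24.09 (x64) ...", "7-Zip (z) 24.09 ...", "7-Zip [64] 16.02 ..."
BANNER_RE = re.compile(r"7-Zip(?:\s+[\[(][^\])]*[\])])?\s+(\d+)\.(\d+)")

def parse_version(banner):
    """Return (major, minor) from a 7-Zip banner line, or None if not recognised."""
    m = BANNER_RE.search(banner)
    return (int(m.group(1)), int(m.group(2))) if m else None

def classify(banner):
    """'vulnerable' if older than 25.00, 'fixed' otherwise, 'unknown' if unparsable."""
    version = parse_version(banner)
    if version is None:
        return "unknown"
    return "vulnerable" if version < FIXED else "fixed"

def local_banner(binary):
    """Run a 7-Zip CLI with no arguments; return its first non-empty output line."""
    path = shutil.which(binary)
    if path is None:
        return None
    try:
        out = subprocess.run([path], capture_output=True, text=True,
                             errors="replace", timeout=10).stdout
    except (OSError, subprocess.TimeoutExpired):
        return None
    return next((ln.strip() for ln in out.splitlines() if ln.strip()), None)

# Constructed sample banners, e.g. collected from hosts by an inventory job.
SAMPLES = [
    "7-Zip 24.09 (x64) : Copyright (c) Igor Pavlov",
    "7-Zip (z) 25.00 (x64) : Copyright (c) Igor Pavlov",
    "7-Zip [64] 16.02 : Copyright (c) Igor Pavlov",
    "bash: 7z: command not found",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{classify(line):10}  {line}")
    for name in ("7z", "7zz", "7za", "7zr"):  # assumed CLI names on PATH
        banner = local_banner(name)
        if banner:
            print(f"{classify(banner):10}  {name}: {banner}")
```

This only sees command-line binaries on the search path; copies of the 7-Zip code shipped inside other products need a separate check.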
Disclosure Timeline
– April 24, 2025: Vulnerability reported to 7-Zip developers.
– April 29, 2025: Acknowledgment of the report by the development team.
– July 5, 2025: Release of 7-Zip version 25.00, addressing the vulnerability.
Conclusion
The discovery of CVE-2025-53816 underscores the importance of regular software updates and vigilance when handling files from untrusted sources. Users and organizations should promptly update to the latest version of 7-Zip to mitigate potential risks associated with this vulnerability.