CVE-2024-48958

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published: Oct 10, 2024
Updated: Oct 11, 2024
CWE ID: 125

Summary

CVE-2024-48958 is a vulnerability in libarchive versions prior to 3.7.5. The execute_filter_delta function in archive_read_support_format_rar.c allows out-of-bounds access when processing a maliciously crafted archive file. The flaw affects multiple products associated with libarchive and is rated high risk because of its potential impact on the confidentiality, integrity, and availability of affected systems. The exploitability score is 1.8, indicating low attack complexity but requiring user interaction to trigger the vulnerability locally. Remediation is to update libarchive to version 3.7.5 or later; patches are available through the GitHub references provided for this vulnerability. Organizations using affected products should prioritize these updates.
