CVE-2025-53816

Publication date 17 July 2025

Last updated 23 July 2025

Ubuntu priority

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
7zip	25.04 plucky	Needs evaluation
	24.04 LTS noble	Needs evaluation
	22.04 LTS jammy	Needs evaluation

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2025-53816
https://securitylab.github.com/advisories/GHSL-2025-058_7-Zip/