CVE-2026-24857
Published: 01/28/2026 22:15:56
`bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, the unrar code embedded in `bulk_extractor` has a heap buffer overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out-of-bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). The flaw could potentially be used for remote code execution (RCE). As of the time of publication, no known patches are available.
Unknown
CVSS v2:
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | unrar (5.9.1) | Needs Triage | ||
| 25.4 | unrar (5.9.1) | Needs Triage | ||
| 25.3 | unrar (5.9.1) | Needs Triage | ||
| 25.2 | unrar (5.9.1) | Needs Triage | ||
| 25.1.1 | unrar (5.9.1) | Needs Triage | ||
| 25.1 | unrar (5.9.1) | Needs Triage | ||
| 24.4 | unrar (5.9.1) | Needs Triage | ||
| 24.4.0 | unrar (5.9.1) | Needs Triage | ||
| 24.3 | unrar (5.9.1) | Needs Triage | ||
| 24.2.1 | unrar (5.9.1) | Needs Triage | ||
| 24.2 | unrar (5.9.1) | Needs Triage | ||
| 24.1 | unrar (5.9.1) | Needs Triage | ||
| 23.3 | unrar (5.9.1) | Needs Triage | ||
| 23.2.1 | unrar (5.9.1) | Needs Triage | ||
| 23.2 | unrar (5.9.1) | Needs Triage | ||
| 23.1 | unrar (5.9.1) | Needs Triage | ||
| 22.4 | unrar (5.9.1) | Needs Triage | ||
| 22.3 | unrar (5.9.1) | Needs Triage | ||
| 22.2 | unrar (5.9.1) | Needs Triage | ||
| 22.1 | unrar (5.9.1) | Needs Triage | ||
| 21.11.1 | unrar (5.9.1) | Needs Triage | ||
| 21.11 | unrar (5.9.1) | Needs Triage | ||
| 21.8.1 | unrar (5.9.1) | Needs Triage | ||
| 21.8 | unrar (5.9.1) | Needs Triage | ||
| 21.5.1 | unrar (5.9.1) | Needs Triage | ||
| 21.5.0 | unrar (5.9.1) | Needs Triage | ||
| 21.2.0 | unrar (5.9.1) | Needs Triage | ||
| 11.4.20 | unrar (5.9.1) | Needs Triage | ||
| 11.4.19.3667 | unrar (5.9.1) | Needs Triage | ||
| 11.4.18.3599 | unrar (5.9.1) | Needs Triage | ||
| 11.4.17 | unrar (5.9.1) | Needs Triage | ||
| 11.4.16.3445 | unrar (5.3.9) | Needs Triage | ||
| 11.4.15.3368 | unrar (5.3.9) | Needs Triage | ||
| 11.4.14.3263 | unrar (5.3.9) | Needs Triage | ||
| 11.4.13.3179 | unrar (5.3.9) | Needs Triage | ||
| 11.4.12.3054 | unrar (5.3.9) | Needs Triage | ||
| 11.4.11.3040 | unrar (5.3.9) | Needs Triage | ||
| 11.4.11.2990 | unrar (5.3.9) | Needs Triage | ||
| 11.4.10.2934 | unrar (5.3.9) | Needs Triage | ||
| 11.4.9.2878 | unrar (5.3.9) | Needs Triage | ||
| 11.4.8.2822 | unrar (5.3.9) | Needs Triage |