← Retour aux CVEs
CVE-2026-24857
CRITICAL9.8
Description
`bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie1/28/2026
Derniere modification2/9/2026
Sourcenvd
Observations honeypot0
Produits affectes
simsong:bulk_extractor
Faiblesses (CWE)
CWE-122CWE-787
References
https://github.com/simsong/bulk_extractor/security/advisories/GHSA-rh8m-9xrx-q64q(security-advisories@github.com)
https://github.com/simsong/bulk_extractor/security/advisories/GHSA-rh8m-9xrx-q64q(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.