`bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 28 Jan 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | `bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available. | |
| Title | bulk_extractor has Heap-based Buffer Overflow vulnerability | |
| Weaknesses | CWE-122 | |
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-01-28T21:30:35.410Z
Reserved: 2026-01-27T14:51:03.061Z
Link: CVE-2026-24857
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-01-28T22:15:56.350
Modified: 2026-01-28T22:15:56.350
Link: CVE-2026-24857
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses