`bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
References
History
Wed, 28 Jan 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | `bulk_extractor` is a digital forensics exploitation tool. Starting in version 1.4, `bulk_extractor`’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in `Unpack::CopyString`, leading to a crash under ASAN (and likely a crash or memory corruption in production builds). There's potential for using this for RCE. As of time of publication, no known patches are available. | |
| Title | bulk_extractor has Heap-based Buffer Overflow vulnerability | |
| Weaknesses | CWE-122 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-01-28T21:30:35.410Z
Reserved: 2026-01-27T14:51:03.061Z
Link: CVE-2026-24857
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-01-28T22:15:56.350
Modified: 2026-01-28T22:15:56.350
Link: CVE-2026-24857
Redhat
No data.
OpenCVE Enrichment
No data.