How the mentioned CVE works:
The CVE-2025-45110 vulnerability exists within the rardecode library (versions 2.1.1 and earlier). The library’s code for parsing RAR archive headers does not properly validate the `dict_size` field. A specially crafted RAR file can be created with an abnormally large, malicious value for this field. When rardecode processes this file, it attempts to allocate a memory block based on the attacker-controlled `dict_size` value. Since this value is not restricted, the library tries to allocate an enormous amount of system memory. This excessive memory allocation attempt leads to an Out-of-Memory (OOM) condition in the application using the library, resulting in a crash and Denial of Service (DoS).
Platform: Go package
Version: <=2.1.1
Vulnerability: DoS
Severity: Moderate
Date: 2025-10-10
Prediction: 2025-10-31
What Undercode Say:
go list -m all | grep rardecode
package main
import "log"
import "github.com/nwaples/rardecode/v2" // module path assumed for rardecode 2.x; not stated in the advisory
func main() {
	archive, err := rardecode.OpenReader("malicious.rar") // header parsing, including dict_size, happens here
	if err != nil {
		log.Fatal(err)
	}
	defer archive.Close()
}
How the exploit works:
Attacker sends a malicious RAR file containing an unrealistically large dictionary size value in its header. The victim’s application uses the vulnerable rardecode library to process the file, triggering the massive memory allocation and subsequent crash.
Protection from this CVE:
Upgrade the rardecode library to a release later than 2.1.1.
Validate header fields such as `dict_size` against a sane upper bound before any allocation is made from them.
Enforce memory usage limits on the process that handles untrusted archives, so a crafted file cannot take the whole service down.
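The following Go program is an added illustration of the two protections above (bounded header values and a memory budget); it is not code from rardecode and does not reproduce its internals. The vulnerable pattern is shown as `vulnerableWindow` beside the hardened `SafeWindow`. The limits `MaxDictSize` and `MaxTotalAlloc`, the `MemBudget` type and the sample header values are all assumptions constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// Hypothetical policy values for this example (not values from rardecode):
// the largest dictionary we are willing to honour from an untrusted header,
// and the total decompression memory one archive may consume in total.
const (
	MaxDictSize   uint64 = 64 << 20  // 64 MiB
	MaxTotalAlloc uint64 = 256 << 20 // 256 MiB
)

var (
	ErrDictTooLarge   = errors.New("rar header: dict_size exceeds configured limit")
	ErrBudgetExceeded = errors.New("rar: archive exceeds decompression memory budget")
)

// vulnerableWindow mirrors the flawed pattern the advisory describes: the
// header-supplied size goes straight into the allocation, so a crafted value
// forces an enormous allocation and an out-of-memory crash. It is shown only
// as the "before" of the fix and is never called with untrusted input here.
func vulnerableWindow(dictSize uint64) []byte {
	return make([]byte, dictSize)
}

// MemBudget caps the cumulative decompression memory an archive may claim, so
// many individually acceptable windows cannot add up to a DoS either.
type MemBudget struct {
	limit uint64
	used  uint64
}

func NewMemBudget(limit uint64) *MemBudget { return &MemBudget{limit: limit} }

// Reserve accounts n bytes against the budget or refuses the request.
func (b *MemBudget) Reserve(n uint64) error {
	if n > b.limit-b.used { // used never exceeds limit, so this cannot underflow
		return ErrBudgetExceeded
	}
	b.used += n
	return nil
}

// Used reports how much of the budget has been consumed so far.
func (b *MemBudget) Used() uint64 { return b.used }

// SafeWindow validates the header-supplied dict_size before allocating: it
// rejects zero, values above the policy limit, values that would not fit an
// int, and anything that would exhaust the archive-wide budget.
func SafeWindow(dictSize uint64, b *MemBudget) ([]byte, error) {
	if dictSize == 0 || dictSize > MaxDictSize || dictSize > math.MaxInt {
		return nil, ErrDictTooLarge
	}
	if err := b.Reserve(dictSize); err != nil {
		return nil, err
	}
	return make([]byte, int(dictSize)), nil
}

func main() {
	budget := NewMemBudget(MaxTotalAlloc)
	// Constructed header values: a normal 4 MiB dictionary, then the kind of
	// absurd sizes a crafted archive would carry.
	for _, dict := range []uint64{4 << 20, 1 << 40, math.MaxUint64} {
		w, err := SafeWindow(dict, budget)
		if err != nil {
			fmt.Printf("dict_size=%d rejected: %v\n", dict, err)
			continue
		}
		fmt.Printf("dict_size=%d accepted, window len %d, budget used %d\n", dict, len(w), budget.Used())
	}
}
```

The check in `SafeWindow` is the one the advisory says is missing in rardecode <= 2.1.1; the budget is the in-process part of "memory usage limits". Because a Go runtime out-of-memory condition is fatal rather than recoverable, the process-level half of that control (an OS or container memory limit on the worker that decompresses untrusted archives) is still needed alongside it.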
Impact:
Application crash.
Denial of Service.
Sources:
Reported By: github.com
Extra Source Hub:
Undercode