FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Use-after-free in multi-threaded xz decoder

Affected packages
14.2 <= FreeBSD < 14.2_4
13.5 <= FreeBSD < 13.5_2
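To check a host against the ranges above, the following added example (not part of the VuXML entry or the FreeBSD advisory) classifies a userland version string as printed by `freebsd-version -u`. It assumes the entry's `14.2_4` notation corresponds to `14.2-RELEASE-p4`; the function name `xz_uaf_status` is hypothetical, and any branch this entry does not list is reported as `not-listed` rather than as safe.

```shell
#!/bin/sh
# Added example: compare a FreeBSD userland version with the ranges in this
# entry (14.2 before patch level 4, 13.5 before patch level 2).

# xz_uaf_status VERSION
# Prints "affected", "patched", or "not-listed" (branch not covered here).
xz_uaf_status() {
    ver=$1

    # Extract the patch level: "-RELEASE" alone means patch level 0.
    case $ver in
        *-RELEASE-p*) patch=${ver##*-p} ;;
        *-RELEASE)    patch=0 ;;
        *)            echo "not-listed"; return 0 ;;   # STABLE, CURRENT, etc.
    esac

    # Reject anything that is not a plain decimal patch level.
    case $patch in
        ''|*[!0-9]*) echo "not-listed"; return 0 ;;
    esac

    # Release number is everything before the first "-".
    rel=${ver%%-*}
    case $rel in
        14.2) fixed=4 ;;   # from "14.2 <= FreeBSD < 14.2_4"
        13.5) fixed=2 ;;   # from "13.5 <= FreeBSD < 13.5_2"
        *)    echo "not-listed"; return 0 ;;
    esac

    if [ "$patch" -lt "$fixed" ]; then
        echo "affected"
    else
        echo "patched"
    fi
}

# On a FreeBSD host, classify the installed userland (liblzma is userland).
if command -v freebsd-version >/dev/null 2>&1; then
    xz_uaf_status "$(freebsd-version -u)"
fi
```

A `not-listed` result means only that this entry does not cover the branch; consult the advisory named under References for other releases.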

Details

VuXML ID 7642ba72-5abf-11f0-87ba-002590c1f29c
Discovery 2025-07-02
Entry 2025-07-06

Problem Description:

A worker thread could free its input buffer after decoding, while the main thread might still be writing to it. This leads to a use-after-free condition on heap memory.

Impact:

An attacker may use a specially crafted .xz file to cause the multi-threaded xz decoder to crash, or potentially to run arbitrary code with the credentials under which the decoder was executed.

References

CVE Name CVE-2025-31115
FreeBSD Advisory SA-25:06.xz