漏洞关键信息 Severity High CVE ID CVE-2026-24857 Vulnerability Details Package: bulk_extractor Affected Versions: ≥ 1.4 Patched Versions: None Summary A heap-based buffer overflow exists in the RAR PPM LZ decoding path of the embedded unrar code in bulk_extractor. A crafted RAR inside a disk image can cause an out-of-bounds write in Unpack::CopyString, leading to a crash under ASAN. Potential for RCE due to heap buffer overflow. Exploit Steps 1. Generate a crafted RAR using the provided Python script. 2. Create a raw disk image and embed the RAR at 1 MB. 3. Build and run bulk_extractor with ASAN to trigger the overflow. Expected Result (ASAN) AddressSanitizer error indicating heap buffer overflow. Impact Possible crash/DOS processing a crafted RAR (including when embedded in a disk image). Memory corruption possible. No code execution claim, but theoretically possible.