Key Information Vulnerability Overview Vulnerability Type: Null pointer dereference in 7-Zip before 25.00 Affected Versions: 7-Zip 24.09 and earlier versions Tested Version Tested Version: 7-Zip 24.09 Details Issue Description: When processing a Compound Document, if is a specific large value, it causes to become zero, leading to an attempt to write to a null pointer. Code Snippet: PoC: When compiling with ASAN and extracting a file, a null pointer write error is triggered. Impact Potential Risk: May lead to denial of service. Discoverer and Reporter Discoverer: GHSL team member @JarLob Disclosure Timeline 2025-04-24: Issue reported privately 2025-04-29: Report confirmed 2025-07-05: Fixed in v25.00