Igor Pavlov, creator of the open-source file archiver 7-Zip, has said the software has not been impacted by any security issue after verified X user @NSA_Employee39 purportedly leaked a zero-day affecting the archiver that could allegedly be exploited for arbitrary code execution, according to Security Affairs.
The alleged vulnerability was claimed to leverage a custom .7z archive with an atypical LZMA stream to trigger a buffer overflow in RC_NORM, but Pavlov has dismissed it as a fake that involved artificial intelligence-generated code.
"...[T]here is no RC_NORM function in LZMA decoder. Instead, 7-Zip contains RC_NORM macro in LZMA encoder and PPMD decoder. Thus, the LZMA decoding code does not call RC_NORM. And the statement about RC_NORM in the exploit comment is not true," said Pavlov.
The veracity of the zero-day has also been questioned by other experts, including @LowLevelTweets on X.
"Been messing with this PoC for over an hour and can't get it to do anything. No crashes, no hangs. Doesn't timeout," he said.