An Undefined Behavior vulnerability exists in the zisofs decompression logic of the libarchive library. The flaw is caused by improper validation of the pz_log2_bs field, which is directly read from ISO9660 Rock Ridge extensions and used as a shift exponent in arithmetic operations. When a specially crafted ISO file provides an out-of-range value (e.g., ≥64 on 64-bit systems), it triggers undefined behavior due to invalid shift operations, leading to incorrect memory allocation and potential crashes. This vulnerability can be exploited by supplying a malicious ISO file, resulting in denial-of-service conditions in applications that process ISO images.