Note that the standard 'p7zip' package from Debian/Ubuntu doesn't support RAR. However, they have an additional package 'p7zip-full' or 'p7zip-rar' for RAR support. I didn't check explicitly, but I assume these are affected.
I checked the versions in buster (p7zip-full 16.02+dfsg-6, p7zip-rar 16.02-2) and they look unaffected to me. Turns out that the Debian maintainers patch upstream sources to include hardening flags, e.g. -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wl,-z,relro. You can use hardening-check to check the binaries on your system.
Okay, so these packages come with more mitigations than 7-Zip on Windows. However, looking at the source code, I am pretty sure they are affected by the same bug.
"Unaffected" was probably the wrong word to use. What I meant is that one of the mitigations (making the executables position-independent) should prevent the bug from being exploitable for remote code execution on Debian.