CVE-2026-48864
EUVD-2026-3185926.05.2026, 17:16
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| opensuse | libsolv | 0.7.36 |
| redhat | hardened_images | - |
| redhat | openshift_container_platform | 4.0 |
| redhat | satellite | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
Red Hat Enterprise Linux Releases
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| libsolv |
| ||||
| libsolv-debuginfo |
| ||||
| libsolv-debugsource |
| ||||
| libsolv-demo |
| ||||
| libsolv-demo-debuginfo |
| ||||
| libsolv-devel |
| ||||
| libsolv-tools |
| ||||
| libsolv-tools-debuginfo |
| ||||
| perl-solv |
| ||||
| perl-solv-debuginfo |
| ||||
| python2-solv |
| ||||
| python3-solv |
| ||||
| python3-solv-debuginfo |
| ||||
| ruby-solv |
| ||||
| ruby-solv-debuginfo |
|
Common Weakness Enumeration
Vulnerability Media Exposure