CVE-2026-5121

EUVD-2026-17073
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
libarchivelibarchive
-
redhathardened_images
-
redhatopenshift_container_platform
4.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
redhatenterprise_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libarchive
bookworm
no-dsa
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
3.4.3-2+deb11u4
fixed
forky
3.8.7-1
fixed
sid
3.8.7-1
fixed
trixie
no-dsa
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bsdtar
RHEL 8
0:3.3.3-7.el8_10
fixed
RHEL 8.2 AUS
0:3.3.2-8.el8_2.2
fixed
RHEL 8.4 AUS
0:3.3.3-1.el8_4.2
fixed
RHEL 8.6 AUS
0:3.3.3-6.el8_6.1
fixed
RHEL 8.6 E4S
0:3.3.3-6.el8_6.1
fixed
RHEL 8.6 TUS
0:3.3.3-6.el8_6.1
fixed
RHEL 8.8 E4S
0:3.3.3-5.el8_8.2
fixed
RHEL 8.8 TUS
0:3.3.3-5.el8_8.2
fixed
RHEL 9
0:3.5.3-9.el9_7
fixed
libarchive
RHEL 8
0:3.3.3-7.el8_10
fixed
RHEL 8.2 AUS
0:3.3.2-8.el8_2.2
fixed
RHEL 8.4 AUS
0:3.3.3-1.el8_4.2
fixed
RHEL 8.6 AUS
0:3.3.3-6.el8_6.1
fixed
RHEL 8.6 E4S
0:3.3.3-6.el8_6.1
fixed
RHEL 8.6 TUS
0:3.3.3-6.el8_6.1
fixed
RHEL 8.8 E4S
0:3.3.3-5.el8_8.2
fixed
RHEL 8.8 TUS
0:3.3.3-5.el8_8.2
fixed
RHEL 9
0:3.5.3-9.el9_7
fixed
libarchive-devel
RHEL 8
0:3.3.3-7.el8_10
fixed
RHEL 9
0:3.5.3-9.el9_7
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2026:10065
https://access.redhat.com/errata/RHSA-2026:10097
https://access.redhat.com/errata/RHSA-2026:11768
https://access.redhat.com/errata/RHSA-2026:12071
https://access.redhat.com/errata/RHSA-2026:12274
https://access.redhat.com/errata/RHSA-2026:13812
https://access.redhat.com/errata/RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:14937
https://access.redhat.com/errata/RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:8510
https://access.redhat.com/errata/RHSA-2026:8517
https://access.redhat.com/errata/RHSA-2026:8521
https://access.redhat.com/errata/RHSA-2026:8534
https://access.redhat.com/errata/RHSA-2026:8864
https://access.redhat.com/errata/RHSA-2026:8866
https://access.redhat.com/errata/RHSA-2026:8867
https://access.redhat.com/errata/RHSA-2026:8873
https://access.redhat.com/errata/RHSA-2026:8908
https://access.redhat.com/errata/RHSA-2026:8944
https://access.redhat.com/errata/RHSA-2026:9026
https://access.redhat.com/errata/RHSA-2026:9592
https://access.redhat.com/errata/RHSA-2026:9832
https://access.redhat.com/security/cve/CVE-2026-5121
https://bugzilla.redhat.com/show_bug.cgi?id=2452945
https://github.com/advisories/GHSA-2vwv-vqpv-v8vc
https://github.com/libarchive/libarchive/pull/2934