CVE-2026-9149 Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file

🗓️ 20 May 2026 23:34:56Reported by redhatType

Libsolv heap buffer overflow in repo_add_solv from negative maxsize in solv file, causing DoS.

Reporter	Title	Published	Views	Family All 32
ATTACKERKB	CVE-2026-9149	20 May 202623:34	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libsolv, libsolv-demo, libsolv-devel (ALAS2023-2026-1798)	8 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libsolv, --advisory ALAS2-2026-3338 (ALAS-2026-3338)	8 Jun 202600:00	–	nessus
Tenable Nessus	Photon OS 5.0: Libsolv PHSA-2026-5.0-0886	20 Jun 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-9149	22 May 202600:00	–	nessus
Amazon	Important: libsolv	8 Jun 202600:00	–	amazon
Amazon	Important: libsolv	8 Jun 202600:00	–	amazon
Circl	CVE-2026-9149	5 Jun 202613:35	–	circl
CNNVD	libsolv 安全漏洞	20 May 202600:00	–	cnnvd
CVE	CVE-2026-9149	20 May 202623:34	–	cve

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Hardened Images",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:hummingbird:1"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhcos",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Satellite 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "satellite-capsule:el8/libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:satellite:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Update Infrastructure 4 for Cloud Providers",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libsolv",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:rhui:4::el8"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2026-9149
github	www.github.com/openSUSE/libsolv/pull/617
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

21 May 2026 18:39Current

CVSS 3.16.5

EPSS0.00274

CWE-122