Security update for libarchive (important)

openSUSE security update: security update for libarchive ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20797-1 Rating: important References: bsc1259635 bsc1259928 bsc1259931 bsc1261186 Cross-References: CVE-2026-4111 CVE-2026-4424 CVE-2026-4426...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libarchive vulnerabilities (USN-8292-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8292-1 advisory. It was discovered that libarchive incorrectly handled certain RAR archive...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary BM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

CVE-2026-4424 vulnerabilities

Vulnerabilities for packages: libarchive...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.39 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CLSA-2026-1776872469 libarchive: Fix of CVE-2026-4424

CVE-2026-4424: fix heap out-of-bounds read in RAR reader due to LZSS window size mismatch after PPMd block...

RHEL 8 : libarchive (RHSA-2026:9592)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9592 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660...

AlmaLinux 10 : libarchive (ALSA-2026:8492)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:8492 advisory. libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4424 Tenable has extracted the preceding description...

Oracle Linux 9 : libarchive (ELSA-2026-8510)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8510 advisory. - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 9 : libarchive (ALSA-2026:8510)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:8510 advisory. libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4424 libarchive: libarchive: Arbitrary code...

Oracle Linux 8 : libarchive (ELSA-2026-8534)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8534 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

libarchive security update

3.5.3-9 - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121 3.5.3-8 - Release bump...

RHEL 10 : libarchive (RHSA-2026:8492)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8492 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

RHEL 8 : libarchive (RHSA-2026:8521)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8521 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660...

libarchive security update

3.7.7-8 - Resolves: CVE-2026-4424 3.7.7-7 - Release bump for typo in dist 3.7.7-6 - Release bump...

CVE-2026-4424

creationtimestamp| type| source ---|---|--- 2026-03-19 17:54:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhgl2yepz227 2026-03-19 19:47:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhgrfgr3vp2t 2026-04-17 16:36:48+00:00| seen|...

CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

EUVD-2026-4424

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...