Astra Linux - уязвимость в libarchive

A issue was discovered in libarchive bsdtar before version 3.8.1, in the function applysubstitution in the file tar/subst.c, when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to a denial of service Out-of-Memory crash...

CLSA-2026-1778894153 libarchive: Fix of CVE-2025-60753

CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...

CLSA-2026-1778893359 libarchive: Fix of CVE-2025-60753

CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016794 advisory. An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. Th...

Astra Linux - уязвимость в libarchive

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are passed into bsdtar, potentially allowing for reading beyond the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior,...

JLSEC-2026-153

An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service Out-of-Memory crash...

Oracle Linux 8 : libarchive (ELSA-2026-8534)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8534 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 10 : libarchive (ELSA-2026-8492)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8492 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

SUSE CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

EUVD-2026-19705

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

DEBIAN-CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

UBUNTU-CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

PT-2026-30880

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw exists in libarchive's ACL parsing logic within the archive acl from text nl function. Insufficient validation when processing malformed ACL strings, such as a bare "d" or "default"...

AlmaLinux 9 : libarchive (ALSA-2026:5080)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5080 advisory. libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive CVE-2026-4111 Tenable has extracted the preceding description...

Oracle Linux 9 : libarchive (ELSA-2026-5080)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5080 advisory. 3.5.3-7 - Resolves: CVE-2026-4111 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

Oracle Linux 10 : libarchive (ELSA-2026-5063)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5063 advisory. 3.7.7-5 - Resolves: CVE-2026-4111 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...