176 matches found
Astra Linux – Vulnerability in libarchive
A issue was discovered in libarchive bsdtar before version 3.8.1, in the function applysubstitution in the file tar/subst.c, when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to a denial of service Out-of-Memory crash...
EulerOS Virtualization 2.13.0 : libarchive (EulerOS-SA-2026-2172)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...
EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2026-2133)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...
CLSA-2026-1778894153 libarchive: Fix of CVE-2025-60753
CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...
CLSA-2026-1778893359 libarchive: Fix of CVE-2025-60753
CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016794 advisory. An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. Th...
JLSEC-2026-153
An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service Out-of-Memory crash...
Oracle Linux 8 : libarchive (ELSA-2026-8534)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8534 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...
Oracle Linux 10 : libarchive (ELSA-2026-8492)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8492 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...
SUSE CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
EUVD-2026-19705
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
DEBIAN-CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
UBUNTU-CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
CVE-2026-5745
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...
PT-2026-30880
Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw exists in libarchive's ACL parsing logic within the archive acl from text nl function. Insufficient validation when processing malformed ACL strings, such as a bare "d" or "default"...
AlmaLinux 9 : libarchive (ALSA-2026:5080)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5080 advisory. libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive CVE-2026-4111 Tenable has extracted the preceding description...
Oracle Linux 9 : libarchive (ELSA-2026-5080)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5080 advisory. 3.5.3-7 - Resolves: CVE-2026-4111 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...