CLSA-2026-1776872469 libarchive: Fix of CVE-2026-4424

CVE-2026-4424: fix heap out-of-bounds read in RAR reader due to LZSS window size mismatch after PPMd block...

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

EUVD-2026-13097

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVE-2026-4424 Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

JLSEC-2025-246 A vulnerability has been identified in the libarchive library

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

Libarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c

...

Medium: libarchive

Issue Overview: A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory...

AZL-63857 CVE-2025-5915 affecting package libarchive for versions less than 3.6.1-7

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

SUSE-SU-2025:20050-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2024-20696: Fixed out-of-bounds access in in copyfromlzsswindowtounp bsc1225971 - CVE-2024-20697: Fixed heap based buffer overflow in rar e8 filter bsc1225972...