EulerOS 2.0 SP11 : libarchive (EulerOS-SA-2026-2248)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...

EulerOS Virtualization 2.12.1 : libarchive (EulerOS-SA-2026-2078)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata...

EulerOS Virtualization 2.12.0 : libarchive (EulerOS-SA-2026-2103)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016784 advisory. A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially...

Fedora 44 : libarchive (2026-b42b8b1c00)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b42b8b1c00 advisory. CVE-2026-4111 libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive Tenable has extracted the preceding...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : libarchive (RHSA-2026:7093)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7093 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

RHEL 9 : libarchive (RHSA-2026:7105)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7105 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libarchive programming library can create and read several different...

RockyLinux 10 : libarchive (RLSA-2026:5063)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:5063 advisory. libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive CVE-2026-4111 Tenable has extracted the preceding description...

RockyLinux 9 : libarchive (RLSA-2026:5080)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:5080 advisory. libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive CVE-2026-4111 Tenable has extracted the preceding description...

CLSA-2026-1774375084 libarchive: Fix of CVE-2026-4111

CVE-2026-4111: Fix infinite loop in RAR5 decompression caused by blocklength exceeding half the window size, leading to CPU-consuming denial-of-service...

AlmaLinux 9 : libarchive (ALSA-2026:5080)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5080 advisory. libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archivereaddata in libarchive CVE-2026-4111 Tenable has extracted the preceding description...

RHEL 9 : libarchive (RHSA-2026:5080)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5080 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive

...

UBUNTU-CVE-2026-4111

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

CVE-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

CVE-2026-4111

The issue CVE-2026-4111 affects the libarchive library, specifically the RAR5 decompression logic. The vulnerability resides in archive_read_data() where processing a specially crafted RAR5 archive can enter an infinite loop, preventing forward progress and causing continuous CPU usage. The affec...