Red Hat Product Errata RHSA-2026:8873 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:8873 - Security Advisory Overview Updated Packages Synopsis Important: libarchive security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libarchive is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424) libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing (CVE-2026-5121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2449006 - CVE-2026-4424 libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing BZ - 2452945 - CVE-2026-5121 libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVEs CVE-2026-4424 CVE-2026-5121 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM libarchive-3.5.3-5.el9_4.src.rpm SHA-256: 47c01fefb1858676d1f0f6f79eea5e5fc7b0a30110ac055fcfb873aae1eceecc x86_64 bsdcat-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: f6ab29d35c64185a4f7ed6528dc01f276e7b4ed1ad470f21c7984861e081dbbf bsdcat-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: f6ab29d35c64185a4f7ed6528dc01f276e7b4ed1ad470f21c7984861e081dbbf bsdcat-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 0918e63f63bcd19f5d42207933d9321c05f2a9897a45403df42b56307a58a50f bsdcat-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 0918e63f63bcd19f5d42207933d9321c05f2a9897a45403df42b56307a58a50f bsdcpio-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 8122c014e3cfa4e5176036181b7e6fca29178c9d331158ef960887ff8e154369 bsdcpio-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 8122c014e3cfa4e5176036181b7e6fca29178c9d331158ef960887ff8e154369 bsdcpio-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 989589ad7065d7221fb23158d415190ce7a2b2d5a940da7d6ccecc2217fd58d2 bsdcpio-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 989589ad7065d7221fb23158d415190ce7a2b2d5a940da7d6ccecc2217fd58d2 bsdtar-3.5.3-5.el9_4.x86_64.rpm SHA-256: ac173f21c5a6dcbad27c72e9ec4f34926bcf3605a7cac600a90ab35e2fc5de62 bsdtar-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: b189e1647630aa1ab9914f55f991cc288a1deae88cab54eda0b29d95f876b5b5 bsdtar-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: b189e1647630aa1ab9914f55f991cc288a1deae88cab54eda0b29d95f876b5b5 bsdtar-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: bdcf3d2b84fa3559bc4fb44bd978b36b4219a3e237b1bc08122f5a041ba256ce bsdtar-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: bdcf3d2b84fa3559bc4fb44bd978b36b4219a3e237b1bc08122f5a041ba256ce libarchive-3.5.3-5.el9_4.i686.rpm SHA-256: e4f7dd99555a59b776ae6ff98fe9724a4e2e04d51b1dfc3c23b1b63570f66ace libarchive-3.5.3-5.el9_4.x86_64.rpm SHA-256: 57c03012b198734bc2c3bab1a7c3dd43f52a81e0d5e2df8df1c8533ada1d461e libarchive-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 4b4139a2664ef69f7c174a49ed56b1f29b451939c3d9d4f8327d37bc2aaae248 libarchive-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 4b4139a2664ef69f7c174a49ed56b1f29b451939c3d9d4f8327d37bc2aaae248 libarchive-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 69fa88fd4dd3a22a0b67af470a486205dc85653987b5fce243791174941278b5 libarchive-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 69fa88fd4dd3a22a0b67af470a486205dc85653987b5fce243791174941278b5 libarchive-debugsource-3.5.3-5.el9_4.i686.rpm SHA-256: 9f57182eede75b648572f2b102d264e3d61e9d7944feb4f6ae95a2c7587f082c libarchive-debugsource-3.5.3-5.el9_4.i686.rpm SHA-256: 9f57182eede75b648572f2b102d264e3d61e9d7944feb4f6ae95a2c7587f082c libarchive-debugsource-3.5.3-5.el9_4.x86_64.rpm SHA-256: c8a2ef3a8f2962f31958435fb543468aac83dfc4d4bde9bb079b7dab5d977e07 libarchive-debugsource-3.5.3-5.el9_4.x86_64.rpm SHA-256: c8a2ef3a8f2962f31958435fb543468aac83dfc4d4bde9bb079b7dab5d977e07 libarchive-devel-3.5.3-5.el9_4.i686.rpm SHA-256: c42345f2ed2ec44c799fb9835bccbd70c95ad806f3ad4749fc223d675498c141 libarchive-devel-3.5.3-5.el9_4.x86_64.rpm SHA-256: 938fe345189b944d7423a5f03ebea3b366349b2ab55dde27277ef15b114ff620 Red Hat Enterprise Linux Server - AUS 9.4 SRPM libarchive-3.5.3-5.el9_4.src.rpm SHA-256: 47c01fefb1858676d1f0f6f79eea5e5fc7b0a30110ac055fcfb873aae1eceecc x86_64 bsdcat-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: f6ab29d35c64185a4f7ed6528dc01f276e7b4ed1ad470f21c7984861e081dbbf bsdcat-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: f6ab29d35c64185a4f7ed6528dc01f276e7b4ed1ad470f21c7984861e081dbbf bsdcat-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 0918e63f63bcd19f5d42207933d9321c05f2a9897a45403df42b56307a58a50f bsdcat-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 0918e63f63bcd19f5d42207933d9321c05f2a9897a45403df42b56307a58a50f bsdcpio-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 8122c014e3cfa4e5176036181b7e6fca29178c9d331158ef960887ff8e154369 bsdcpio-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 8122c014e3cfa4e5176036181b7e6fca29178c9d331158ef960887ff8e154369 bsdcpio-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 989589ad7065d7221fb23158d415190ce7a2b2d5a940da7d6ccecc2217fd58d2 bsdcpio-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 989589ad7065d7221fb23158d415190ce7a2b2d5a940da7d6ccecc2217fd58d2 bsdtar-3.5.3-5.el9_4.x86_64.rpm SHA-256: ac173f21c5a6dcbad27c72e9ec4f34926bcf3605a7cac600a90ab35e2fc5de62 bsdtar-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: b189e1647630aa1ab9914f55f991cc288a1deae88cab54eda0b29d95f876b5b5 bsdtar-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: b189e1647630aa1ab9914f55f991cc288a1deae88cab54eda0b29d95f876b5b5 bsdtar-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: bdcf3d2b84fa3559bc4fb44bd978b36b4219a3e237b1bc08122f5a041ba256ce bsdtar-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: bdcf3d2b84fa3559bc4fb44bd978b36b4219a3e237b1bc08122f5a041ba256ce libarchive-3.5.3-5.el9_4.i686.rpm SHA-256: e4f7dd99555a59b776ae6ff98fe9724a4e2e04d51b1dfc3c23b1b63570f66ace libarchive-3.5.3-5.el9_4.x86_64.rpm SHA-256: 57c03012b198734bc2c3bab1a7c3dd43f52a81e0d5e2df8df1c8533ada1d461e libarchive-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 4b4139a2664ef69f7c174a49ed56b1f29b451939c3d9d4f8327d37bc2aaae248 libarchive-debuginfo-3.5.3-5.el9_4.i686.rpm SHA-256: 4b4139a2664ef69f7c174a49ed56b1f29b451939c3d9d4f8327d37bc2aaae248 libarchive-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 69fa88fd4dd3a22a0b67af470a486205dc85653987b5fce243791174941278b5 libarchive-debuginfo-3.5.3-5.el9_4.x86_64.rpm SHA-256: 69fa88fd4dd3a22a0b67af470a486205dc85653987b5fce243791174941278b5 libarchive-debugsource-3.5.3-5.el9_4.i686.rpm SHA-256: 9f57182eede75b648572f2b102d264e3d61e9d7944feb4f6ae95a2c7587f082c libarchive-debugsource-3.5.3-5.el9_4.i686.rpm SHA-256: 9f57182eede75b648572f2b102d264e3d61e9d7944feb4f6ae95a2c7587f082c libarchive-debugsource-3.5.3-5.el9_4.x86_64.rpm SHA-256: c8a2ef3a8f2962f31958435fb543468aac83dfc4d4bde9bb079b7dab5d977e07 libarchive-debugsource-3.5.3-5.el9_4.x86_64.rpm SHA-256: c8a2ef3a8f2962f31958435fb543468aac83dfc4d4bde9bb079b7dab5d977e07 libarchive-devel-3.5.3-5.el9_4.i686.rpm SHA-256: c42345f2ed2ec44c799fb9835bccbd70c95ad806f3ad4749fc223d675498c141 libarchive-devel-3.5.3-5.el9_4.x86_64.rpm SHA-256: 938fe345189b944d7423a5f03ebea3b366349b2ab55dde27277ef15b114ff620 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM libarchive-3.5.3-5.el9_4.src.rpm SHA-256: 47c01fefb1858676d1f0f6f79eea5e5fc7b0a30110ac055fcfb873aae1eceecc s390x bsdcat-debuginfo-3.5.3-5.el9_4.s390x.rpm SHA-256: 16e75838c77c1e080a250f9e0ba6aa1eaf899c76bcec531053e57b495d30f983 bsdcat-debuginfo-3.5.3-5.el9_4.s390x.rpm SHA-256: 16e75838c77c1e080a250f9e0ba6aa1eaf899c76bcec531053e57b495d30f983 bsdcpio-debuginfo-3.5.3-5.el9_4.s390x.rpm SHA-256: 9868902e889f62276d37663ada70954eb06682f6dcf98931e8b5cc4ded7f95c4 bsdcpio-debuginfo-3.5.3-5.el9_4.s390x.rpm SHA-256: 9868902e889f62276d37663ada70954eb06682f6dcf98931e8b5cc4ded7f95c