Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:8864: Important: libarchive security update

redhatcve-2026-4424cve-2026-5121
This important security update for libarchive addresses two high-severity vulnerabilities (CVE-2026-4424 and CVE-2026-5121, both CVSS 7.5/HIGH): an information disclosure via a heap out-of-bounds read in RAR archive processing and arbitrary code execution via an integer overflow in ISO9660 image processing. The update is available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions across multiple architectures. Organizations should apply the update, which includes packages like libarchive-3.5.3-5.el9_2.2, via their standard patch management process.
Read Full Article →

Red Hat Product Errata RHSA-2026:8864 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:8864 - Security Advisory Overview Updated Packages Synopsis Important: libarchive security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libarchive is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424) libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing (CVE-2026-5121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2449006 - CVE-2026-4424 libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing BZ - 2452945 - CVE-2026-5121 libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVEs CVE-2026-4424 CVE-2026-5121 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM libarchive-3.5.3-5.el9_2.2.src.rpm SHA-256: 17e405402170d08c3de2ca320e8a85198ea0f9a12f23adb55669aa697cf5ffcd x86_64 bsdcat-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 95492bb2af0076dcf5e164389dbdc3526d56b1ec1fb113284929dba6141975ce bsdcat-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: ad4f49a527bc53a5c2c2bfbb12623e0647c7686b5cb59b07913d8f9aa01261b0 bsdcat-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: ad4f49a527bc53a5c2c2bfbb12623e0647c7686b5cb59b07913d8f9aa01261b0 bsdcpio-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: d7756cb93b1a7a871b6a0f9348ef47e062eb7eb2582c4be03f06f27283df11fa bsdcpio-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 358b0078797048a7a8bcae5f949b901460ab7b6bcb68c47981da12e4c9caf9f3 bsdcpio-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 358b0078797048a7a8bcae5f949b901460ab7b6bcb68c47981da12e4c9caf9f3 bsdtar-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 1b3d3996da594628bbb212156e8ef555781a58eb4a84b15e9039484d2cd58aa4 bsdtar-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 88b5686fe7c72d2512723d6645d76f7b8087317935f9ce547d1d111f64bf647e bsdtar-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: a6da7ad0000c62c2efae6ccad758799baaffed6493b110696d66de037de20fb4 bsdtar-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: a6da7ad0000c62c2efae6ccad758799baaffed6493b110696d66de037de20fb4 libarchive-3.5.3-5.el9_2.2.i686.rpm SHA-256: 95d468a3b1dd7b4469e8a71aacc97c480bfacae992eaa8b8ea8e3ab3b6d52284 libarchive-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6a8071a4424e835502466c766c345472974e0a6ba22d4863f77fd9391927ca11 libarchive-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 62986c3b33ec5536c3076e91355792040a9f2c943ebc942ad4d68656be62a5ee libarchive-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6bde3134657fb973159a9a3fc77125eee66150ceb555ba0d29c5d6f56004cc6a libarchive-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6bde3134657fb973159a9a3fc77125eee66150ceb555ba0d29c5d6f56004cc6a libarchive-debugsource-3.5.3-5.el9_2.2.i686.rpm SHA-256: 25d44b929dadc50b09f840aa66439984f885f38c4235ab2168b624b40abb82d9 libarchive-debugsource-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: b1baef3529cc032089d5e9fc08dd6c85918e1a77a7e502346277f72d3c50ebc7 libarchive-debugsource-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: b1baef3529cc032089d5e9fc08dd6c85918e1a77a7e502346277f72d3c50ebc7 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM libarchive-3.5.3-5.el9_2.2.src.rpm SHA-256: 17e405402170d08c3de2ca320e8a85198ea0f9a12f23adb55669aa697cf5ffcd ppc64le bsdcat-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 93f1ee6232e9ce72b57ed4f6308845c2fbec76bb555b0cd6f13e9ea20278cf64 bsdcat-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 93f1ee6232e9ce72b57ed4f6308845c2fbec76bb555b0cd6f13e9ea20278cf64 bsdcpio-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 0fe8b42fbe11de6ef24d9928e67ed6164a8f8dedfe3efdb445f8302a8cb74893 bsdcpio-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 0fe8b42fbe11de6ef24d9928e67ed6164a8f8dedfe3efdb445f8302a8cb74893 bsdtar-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: caa5bff72c7c00366e4ad8d7bf41efc3958b8e3b1000aa6d42e362c702e83040 bsdtar-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 758cf7163eeaf22cf38e5e4d361ce8629d0c77c49c6d3a03854ddd7d0dc9153f bsdtar-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 758cf7163eeaf22cf38e5e4d361ce8629d0c77c49c6d3a03854ddd7d0dc9153f libarchive-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 02aaef09fcfe032a13c15d0f03baef0504c92e658a68ef18e2e3a57674998c95 libarchive-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 5f41c202a9953a18d215298ba1a974ef2c730e66018eca9b0ce7037c2ceea454 libarchive-debuginfo-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: 5f41c202a9953a18d215298ba1a974ef2c730e66018eca9b0ce7037c2ceea454 libarchive-debugsource-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: a50f5a188a2bc5617d554d8effdda3a57f8a5fc40e1fdd5335e6af5f76bd3d5b libarchive-debugsource-3.5.3-5.el9_2.2.ppc64le.rpm SHA-256: a50f5a188a2bc5617d554d8effdda3a57f8a5fc40e1fdd5335e6af5f76bd3d5b Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM libarchive-3.5.3-5.el9_2.2.src.rpm SHA-256: 17e405402170d08c3de2ca320e8a85198ea0f9a12f23adb55669aa697cf5ffcd x86_64 bsdcat-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 95492bb2af0076dcf5e164389dbdc3526d56b1ec1fb113284929dba6141975ce bsdcat-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: ad4f49a527bc53a5c2c2bfbb12623e0647c7686b5cb59b07913d8f9aa01261b0 bsdcat-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: ad4f49a527bc53a5c2c2bfbb12623e0647c7686b5cb59b07913d8f9aa01261b0 bsdcpio-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: d7756cb93b1a7a871b6a0f9348ef47e062eb7eb2582c4be03f06f27283df11fa bsdcpio-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 358b0078797048a7a8bcae5f949b901460ab7b6bcb68c47981da12e4c9caf9f3 bsdcpio-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 358b0078797048a7a8bcae5f949b901460ab7b6bcb68c47981da12e4c9caf9f3 bsdtar-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 1b3d3996da594628bbb212156e8ef555781a58eb4a84b15e9039484d2cd58aa4 bsdtar-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 88b5686fe7c72d2512723d6645d76f7b8087317935f9ce547d1d111f64bf647e bsdtar-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: a6da7ad0000c62c2efae6ccad758799baaffed6493b110696d66de037de20fb4 bsdtar-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: a6da7ad0000c62c2efae6ccad758799baaffed6493b110696d66de037de20fb4 libarchive-3.5.3-5.el9_2.2.i686.rpm SHA-256: 95d468a3b1dd7b4469e8a71aacc97c480bfacae992eaa8b8ea8e3ab3b6d52284 libarchive-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6a8071a4424e835502466c766c345472974e0a6ba22d4863f77fd9391927ca11 libarchive-debuginfo-3.5.3-5.el9_2.2.i686.rpm SHA-256: 62986c3b33ec5536c3076e91355792040a9f2c943ebc942ad4d68656be62a5ee libarchive-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6bde3134657fb973159a9a3fc77125eee66150ceb555ba0d29c5d6f56004cc6a libarchive-debuginfo-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: 6bde3134657fb973159a9a3fc77125eee66150ceb555ba0d29c5d6f56004cc6a libarchive-debugsource-3.5.3-5.el9_2.2.i686.rpm SHA-256: 25d44b929dadc50b09f840aa66439984f885f38c4235ab2168b624b40abb82d9 libarchive-debugsource-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: b1baef3529cc032089d5e9fc08dd6c85918e1a77a7e502346277f72d3c50ebc7 libarchive-debugsource-3.5.3-5.el9_2.2.x86_64.rpm SHA-256: b1baef3529cc032089d5e9fc08dd6c85918e1a77a7e502346277f72d3c50ebc7 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM libarchive-3.5.3-5.el9_2.2.src.rpm SHA-256: 17e405402170d08c3de2ca320e8a85198ea0f9a12f23adb55669aa697cf5ffcd aarch64 bsdcat-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 8d4960a35c9334cb445b04711d558274d53bbee7692c003f033f08261c4c273b bsdcat-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 8d4960a35c9334cb445b04711d558274d53bbee7692c003f033f08261c4c273b bsdcpio-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 162cc165186acc86c6dcdf76ad886b120d31f2b13162e062a2c39966f28f16ca bsdcpio-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 162cc165186acc86c6dcdf76ad886b120d31f2b13162e062a2c39966f28f16ca bsdtar-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 668e940521763276035a47aa9efeb8489d51a44a49299a54bc6447f42c10b1e5 bsdtar-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SHA-256: 51b8bebafadaf11ccaf6f9c6992f1584b96ac36fc0a2c9de0d2734ee003785a7 bsdtar-debuginfo-3.5.3-5.el9_2.2.aarch64.rpm SH

Related Articles

HIGH RHSA-2026:8873: Important: libarchive security update Red Hat Errata HIGH RHSA-2026:8866: Important: libarchive security update Red Hat Errata HIGH RHSA-2026:9592: Important: libarchive security update Red Hat Errata HIGH RHSA-2026:8867: Important: libarchive security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn