Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:8867: Important: libarchive security update

An Important security update for libarchive addresses two vulnerabilities: an information disclosure via a heap out-of-bounds read when processing RAR archives (CVE-2026-4424) and arbitrary code execution via an integer overflow when processing ISO9660 images (CVE-2026-5121), both with a CVSS score of 7.5 (High). The update applies to Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, and affected systems should be patched using the provided RPM packages.

Red Hat Product Errata
RHSA-2026:8867 - Security Advisory
Issued: 2026-04-20
Updated: 2026-04-20

Synopsis
Important: libarchive security update

Type/Severity
Security Advisory: Important

Topic
An update for libarchive is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.

Security Fix(es):
libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424)
libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing (CVE-2026-5121)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes
BZ - 2449006 - CVE-2026-4424 libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing
BZ - 2452945 - CVE-2026-5121 libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing

CVEs
CVE-2026-4424
CVE-2026-5121

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
