{}

{}

{}

{"acknowledgement": "This issue was discovered by AISLE in partnership with Red Hat.", "bugzilla": {"description": "libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service", "id": "2460975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460975"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processing this crafted signature could lead to a denial of service in automated package or repository processing workflows."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-48863", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "satellite-capsule:el8/libsolv", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhui:4::el8", "fix_state": "Not affected", "package_name": "libsolv", "product_name": "Red Hat Update Infrastructure 4 for Cloud Providers"}], "public_date": "2026-05-26T18:53:04Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-48863\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-48863"], "statement": "This is an Important memory-safety flaw in libsolv's PGP verification component, which can be triggered by specially crafted Ed25519 signatures. The vulnerability allows for a stack-based buffer overflow, potentially leading to a denial of service in automated package or repository processing workflows when verifying attacker-controlled signed content or metadata. This vulnerability doesn't affect any support Red Hat products as the vulnerable function is only compiled when `ENABLE_PUBKEY` configuration is enabled during build time. Such configuration option is disabled when the `libsolv` package is built for Red Hat Enterprise Linux versions, thus the affected code is not present in the final distributed binary.", "threat_severity": "Important"}

{}