CVE-2026-5121 - Vulnerability Details

- Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing

Description

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.

Published: 2026-03-30

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is an integer overflow in libarchive’s ISO9660 zisofs block pointer allocation logic. Processing a specially crafted ISO image can trigger a heap buffer overflow, allowing an attacker to execute arbitrary code with the privileges of the process that uses libarchive. This weakness is classified as CWE‑190 and can lead to complete compromise of the affected system.

Affected Systems

Affected systems include Red Hat Enterprise Linux distributions 6 through 10, Red Hat Hardened Images, and Red Hat OpenShift Container Platform 4—all of which ship libarchive. The flaw is limited to 32‑bit builds and impacts any component that extracts ISO9660 images, such as the default container runtime and related tooling.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity, yet the EPSS score is below 1 %, showing rare exploitation evidence. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires an application to process a malicious ISO image; thus, the attack vector is primarily through supply of untrusted ISO files, either locally or over a network service that extracts them. No additional conditions are noted beyond the use of libarchive on a 32‑bit system.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Red Hat

Red Hat Enterprise Linux 7 Extended Lifecycle Support

affected

Version	Status	Constraints
`0:3.1.2-14.el7_9.2`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8

affected

Version	Status	Constraints
`0:3.3.3-7.el8_10`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.2 Advanced Update Support

affected

Version	Status	Constraints
`0:3.3.2-8.el8_2.2`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support

affected

Version	Status	Constraints
`0:3.3.3-6.el8_6.1`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.6 Telecommunications Update Service

affected

Version	Status	Constraints
`0:3.3.3-6.el8_6.1`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

affected

Version	Status	Constraints
`0:3.3.3-6.el8_6.1`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.8 Telecommunications Update Service

affected

Version	Status	Constraints
`0:3.3.3-5.el8_8.2`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

affected

Version	Status	Constraints
`0:3.3.3-5.el8_8.2`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:3.5.3-9.el9_7`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9

affected

Version	Status	Constraints
`0:3.5.3-9.el9_7`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

affected

Version	Status	Constraints
`0:3.5.3-2.el9_0.4`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

affected

Version	Status	Constraints
`0:3.5.3-5.el9_2.2`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.4 Extended Update Support

affected

Version	Status	Constraints
`0:3.5.3-5.el9_4`	unaffected	< *

Red Hat

Red Hat Enterprise Linux 9.6 Extended Update Support

affected

Version	Status	Constraints
`0:3.5.3-7.el9_6.1`	unaffected	< *

Red Hat Red Hat Enterprise Linux 10 unaffected —

Red Hat Red Hat Enterprise Linux 6 unknown —

Red Hat Red Hat Hardened Images affected —

Red Hat Red Hat OpenShift Container Platform 4 affected —

Configuration 1 [-]

OR	cpe:2.3:a:libarchive:libarchive:-:::::::*
	cpe:2.3:a:redhat:hardened_images:-:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*

No data.

Vendor Product Confidence Versions

Redhat

Enterprise Linux

100%

Version	Status	Scheme	Platform
`—`	affected	—	—

Redhat

Openshift Container Platform

86%

Version	Status	Scheme	Platform
`—`	affected	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

Vendor Workaround

To mitigate this issue, avoid processing untrusted ISO9660 images with applications that utilize `libarchive`. Users should only extract or read content from ISO images obtained from trusted sources.

OpenCVE Recommended Actions

Apply the latest Red Hat security updates that replace the vulnerable libarchive library for all affected RHEL releases
Ensure that the system remains fully patched by running the standard package manager update commands (yum/dnf update) and verifying that the libarchive package is at or above the patched version
If the system must handle ISO images, restrict processing to ISO files obtained from trusted sources and avoid performing extraction on untrusted input
Consider using alternative libraries or tools that do not contain the vulnerable code if remediation is not immediately possible
Implement network controls to block exposure of applications that automatically extract ISO images from external sources

Generated by OpenCVE AI on April 14, 2026 at 17:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00146.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://access.redhat.com/errata/RHSA-2026:8510
https://access.redhat.com/errata/RHSA-2026:8517
https://access.redhat.com/errata/RHSA-2026:8521
https://access.redhat.com/errata/RHSA-2026:8534
https://access.redhat.com/errata/RHSA-2026:8864
https://access.redhat.com/errata/RHSA-2026:8866
https://access.redhat.com/errata/RHSA-2026:8867
https://access.redhat.com/errata/RHSA-2026:8873
https://access.redhat.com/errata/RHSA-2026:8908
https://access.redhat.com/errata/RHSA-2026:9026
https://access.redhat.com/security/cve/CVE-2026-5121
https://bugzilla.redhat.com/show_bug.cgi?id=2452945
https://github.com/advisories/GHSA-2vwv-vqpv-v8vc
https://github.com/libarchive/libarchive/pull/2934
https://nvd.nist.gov/vuln/detail/CVE-2026-5121
https://www.cve.org/CVERecord?id=CVE-2026-5121

History

Mon, 20 Apr 2026 14:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_tus:8.8::baseos
References		https://access.redhat.com/errata/RHSA-2026:9026

Mon, 20 Apr 2026 08:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/o:redhat:rhel_eus:9.6::baseos
References		https://access.redhat.com/errata/RHSA-2026:8866

Mon, 20 Apr 2026 06:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Tus
CPEs		cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos
Vendors & Products		Redhat rhel Tus
References		https://access.redhat.com/errata/RHSA-2026:8908

Mon, 20 Apr 2026 05:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb cpe:/o:redhat:rhel_eus:9.4::baseos
Vendors & Products		Redhat rhel Eus
References		https://access.redhat.com/errata/RHSA-2026:8873

Mon, 20 Apr 2026 04:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/o:redhat:rhel_e4s:9.2::baseos
References		https://access.redhat.com/errata/RHSA-2026:8864

Mon, 20 Apr 2026 02:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos
Vendors & Products		Redhat rhel E4s
References		https://access.redhat.com/errata/RHSA-2026:8867

Thu, 16 Apr 2026 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel Els
CPEs	~~cpe:/o:redhat:enterprise_linux:7~~	cpe:/o:redhat:rhel_aus:8.2::baseos cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Aus Redhat rhel Els
References		https://access.redhat.com/errata/RHSA-2026:8517 https://access.redhat.com/errata/RHSA-2026:8521

Thu, 16 Apr 2026 19:00:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:8::crb cpe:/o:redhat:enterprise_linux:8::baseos
References		https://access.redhat.com/errata/RHSA-2026:8534

Thu, 16 Apr 2026 17:00:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
References		https://access.redhat.com/errata/RHSA-2026:8510

Tue, 14 Apr 2026 17:00:00 +0000

Type	Values Removed	Values Added
References		https://bugzilla.redhat.com/show_bug.cgi?id=2452945

Tue, 14 Apr 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Libarchive Libarchive libarchive Redhat hardened Images
CPEs		cpe:2.3:a:libarchive:libarchive:-:::::::* cpe:2.3:a:redhat:hardened_images:-:::::::* cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::* cpe:2.3:o:redhat:enterprise_linux:10.0:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
Vendors & Products		Libarchive Libarchive libarchive Redhat hardened Images

Tue, 14 Apr 2026 16:00:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Tue, 14 Apr 2026 15:45:00 +0000

Type	Values Removed	Values Added
References		https://github.com/advisories/GHSA-2vwv-vqpv-v8vc

Thu, 09 Apr 2026 17:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat hummingbird
CPEs		cpe:/a:redhat:hummingbird:1
Vendors & Products		Redhat hummingbird

Fri, 03 Apr 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Container Platform
Vendors & Products		Redhat openshift Container Platform

Wed, 01 Apr 2026 02:15:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-122 CWE-680

Tue, 31 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-190
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 31 Mar 2026 03:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-122 CWE-680

Mon, 30 Mar 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://www.cve.org/CVERecord?id=CVE-2026-5121
Metrics	threat_severity `None`	threat_severity `Moderate`

Mon, 30 Mar 2026 08:15:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
Title		Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
First Time appeared		Redhat Redhat enterprise Linux Redhat openshift
CPEs		cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux Redhat openshift
References		https://access.redhat.com/security/cve/CVE-2026-5121 https://github.com/libarchive/libarchive/pull/2934

Subscriptions

Libarchive Libarchive

Redhat Enterprise Linux Hardened Images Hummingbird Openshift Openshift Container Platform Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-03-30T07:47:28.562Z

Updated: 2026-04-20T13:51:21.011Z

Reserved: 2026-03-30T07:39:27.352Z

Link: CVE-2026-5121

Vulnrichment

Updated: 2026-03-31T13:51:59.651Z

NVD

Status : Modified

Published: 2026-03-30T08:16:18.780

Modified: 2026-04-20T14:16:21.317

Link: CVE-2026-5121

Redhat

Severity : Moderate

Publid Date: 2026-03-30T07:44:15Z

Links: CVE-2026-5121 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-15T16:45:09Z

Weaknesses

CWE-190

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object