Description
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).
Published: 2026-04-07
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

The flaw is a null pointer dereference in the ACL parsing function of libarchive. When a malformed ACL string such as a lone 'd' or 'default' tag is parsed, the code fails to validate the pointer before advancing, leading to a crash. An attacker can supply a specially crafted archive that triggers this behavior, causing any application that uses the libarchive API, for example bsdtar, to terminate. The result is a denial of service through application failure. This weakness is a classic null pointer dereference (CWE-476).
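The unguarded advance the description refers to, shown by an added example that is not libarchive's code: a minimal parser for one text ACL entry in the assumed form "[d:]tag:qualifier:perms" (the tag letters, field layout and error codes are assumptions for this illustration) that checks how many fields remain before using anything after a "d"/"default" prefix, so a bare tag becomes a parse error rather than a dereference of a missing field.

```c
/* Constructed example for this advisory, not libarchive's code: parse one text
 * ACL entry of the assumed form "[d:]tag:qualifier:perms" with a guarded advance. */
#include <stdio.h>
#include <string.h>
#define MAX_FIELDS 4

struct acl_entry {
    int is_default;      /* 1 when the entry carried a "d"/"default" prefix */
    char tag;            /* 'u', 'g', 'o' or 'm' */
    char qualifier[32];  /* user or group name, may be empty */
    char perms[4];       /* e.g. "rwx" */
};
enum { ACL_OK = 0, ACL_ERR_EMPTY = -1, ACL_ERR_TRUNCATED = -2, ACL_ERR_TAG = -3 };

/* Split `entry` on ':' into at most MAX_FIELDS pointers (in place).
 * Slots for absent fields stay NULL; returns the number of fields found. */
static int split_fields(char *entry, char *fields[MAX_FIELDS]) {
    int n = 0;
    for (int k = 0; k < MAX_FIELDS; k++) fields[k] = NULL;
    for (char *p = entry; p != NULL && n < MAX_FIELDS;) {
        char *colon = strchr(p, ':');
        if (colon != NULL) *colon = '\0';
        fields[n++] = p;
        p = (colon != NULL) ? colon + 1 : NULL;
    }
    return n;
}

/* Parse one entry; `entry` is modified in place. Returns ACL_OK or an error. */
int parse_acl_entry(char *entry, struct acl_entry *out) {
    char *fields[MAX_FIELDS];
    int n = split_fields(entry, fields), i = 0;

    memset(out, 0, sizeof *out);
    if (n == 0 || fields[0][0] == '\0') return ACL_ERR_EMPTY;
    if (strcmp(fields[0], "d") == 0 || strcmp(fields[0], "default") == 0) {
        out->is_default = 1;
        i = 1;  /* advance past the prefix ... */
    }
    /* ... but touch fields[i] only after confirming the fields exist. A bare
     * "d" or "default" leaves fields[1] NULL, the input the advisory says was
     * dereferenced; here it becomes a clean parse error instead of a crash. */
    if (n < i + 3) return ACL_ERR_TRUNCATED;
    if (strlen(fields[i]) != 1 || strchr("ugom", fields[i][0]) == NULL)
        return ACL_ERR_TAG;
    out->tag = fields[i][0];
    snprintf(out->qualifier, sizeof out->qualifier, "%s", fields[i + 1]);
    snprintf(out->perms, sizeof out->perms, "%s", fields[i + 2]);
    return ACL_OK;
}
```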

Affected Systems

The vulnerability affects libarchive installed on Red Hat Enterprise Linux releases 6 through 10, as well as Red Hat Hardened Images and Red Hat OpenShift Container Platform 4. Systems running these distributions or containers that incorporate the affected libarchive library are at risk.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests a low probability of exploitation at this time. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to cause a malicious archive to be parsed by a vulnerable application, which can be achieved locally by any user owning a process that invokes libarchive, or remotely if the target runs a service that accepts untrusted archives. The lack of an available workaround and limited exploit evidence mean that the primary mitigation is to update to a patched version once released.

Generated by OpenCVE AI on April 9, 2026 at 17:31 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.


OpenCVE Recommended Actions

  • Check for and install the latest Red Hat security update that addresses CVE-2026-5745.
  • Verify the libarchive version on all affected systems with tools such as rpm -iq libarchive.
  • Temporarily restrict untrusted archive extraction until a patch is applied.
  • Maintain routine OS and application updates to keep all libraries current.
  • If unable to update immediately, monitor Red Hat advisories for a patch or update the affected software package to a version that includes the fix once available.



Advisories

No advisories yet.

History

Tue, 28 Apr 2026 20:30:00 +0000

First Time appeared (added): Redhat hardened Images
CPEs (added):
  cpe:2.3:a:libarchive:libarchive:-:*:*:*:*:*:*:*
  cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*
  cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Vendors & Products (added): Redhat hardened Images

Thu, 09 Apr 2026 16:30:00 +0000

First Time appeared (added): Redhat hummingbird
CPEs (added): cpe:/a:redhat:hummingbird:1
Vendors & Products (added): Redhat hummingbird

Thu, 09 Apr 2026 08:30:00 +0000

First Time appeared (added): Libarchive; Libarchive libarchive; Redhat openshift Container Platform
Vendors & Products (added): Libarchive; Libarchive libarchive; Redhat openshift Container Platform

Wed, 08 Apr 2026 00:15:00 +0000

References: (no values listed)
Metrics: threat_severity changed from None to Moderate


Tue, 07 Apr 2026 18:00:00 +0000

Description (added): see the Description at the top of this record.
Title (added): Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
First Time appeared (added): Redhat; Redhat enterprise Linux; Redhat openshift
Weaknesses (added): CWE-476
CPEs (added):
  cpe:/a:redhat:openshift:4
  cpe:/o:redhat:enterprise_linux:10
  cpe:/o:redhat:enterprise_linux:6
  cpe:/o:redhat:enterprise_linux:7
  cpe:/o:redhat:enterprise_linux:8
  cpe:/o:redhat:enterprise_linux:9
Vendors & Products (added): Redhat; Redhat enterprise Linux; Redhat openshift
References: (no values listed)
Metrics (added):
  cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-09T16:28:20.715Z

Reserved: 2026-04-07T14:32:58.869Z

Link: CVE-2026-5745

Vulnrichment

Updated: 2026-04-07T16:31:21.083Z

NVD

Status: Analyzed

Published: 2026-04-07T16:16:32.307

Modified: 2026-04-28T20:18:38.933

Link: CVE-2026-5745

Redhat

Severity: Moderate

Public Date: 2026-04-07T00:00:00Z

Links: CVE-2026-5745 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-10T09:41:30Z

Weaknesses