CVE-2026-14164: Double Free in Red Hat Red Hat Enterprise Linux 10
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of the same memory region, resulting in a double-free condition. Successful exploitation may cause applications using the vulnerable libarchive API to terminate unexpectedly, leading to a denial of service.
AI Analysis
Technical Summary
A double free vulnerability exists in the RAR5 reader component of libarchive on Red Hat Enterprise Linux 10. During the parsing of a maliciously crafted RAR5 archive, the filtered_buf pointer may not be properly reset after being freed, leading to a second free operation on the same memory region when processing subsequent archive entries. This results in a double-free condition that can cause applications using the vulnerable libarchive API to crash unexpectedly, causing denial of service. The CVSS v3.1 base score is 7.5, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impact limited to availability.
Potential Impact
Successful exploitation causes denial of service by crashing applications that use the vulnerable libarchive API when processing crafted RAR5 archives. There is no indication of confidentiality or integrity impact. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-14164 for current remediation guidance. Until an official fix is released, avoid processing untrusted RAR5 archives with vulnerable libarchive versions to mitigate risk.
CVE-2026-14164: Double Free in Red Hat Red Hat Enterprise Linux 10
Description
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of the same memory region, resulting in a double-free condition. Successful exploitation may cause applications using the vulnerable libarchive API to terminate unexpectedly, leading to a denial of service.
CVSS v3.1
Score 7.5high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A double free vulnerability exists in the RAR5 reader component of libarchive on Red Hat Enterprise Linux 10. During the parsing of a maliciously crafted RAR5 archive, the filtered_buf pointer may not be properly reset after being freed, leading to a second free operation on the same memory region when processing subsequent archive entries. This results in a double-free condition that can cause applications using the vulnerable libarchive API to crash unexpectedly, causing denial of service. The CVSS v3.1 base score is 7.5, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impact limited to availability.
Potential Impact
Successful exploitation causes denial of service by crashing applications that use the vulnerable libarchive API when processing crafted RAR5 archives. There is no indication of confidentiality or integrity impact. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-14164 for current remediation guidance. Until an official fix is released, avoid processing untrusted RAR5 archives with vulnerable libarchive versions to mitigate risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-30T05:30:04.144Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-14164","vendor":"Red Hat"}]
Threat ID: 6a436e8027e9c797194c9ea7
Added to database: 06/30/2026, 07:21:36 UTC
Last enriched: 06/30/2026, 07:36:26 UTC
Last updated: 06/30/2026, 09:24:51 UTC
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.