CVE-2026-4111: Loop with Unreachable Exit Condition ('Infinite Loop') in Red Hat Red Hat Enterprise Linux 10
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
AI Analysis
Technical Summary
The vulnerability CVE-2026-4111 affects the RAR5 archive decompression logic in the libarchive library, specifically within the archive_read_data() function. When processing a maliciously crafted RAR5 archive, the decompression routine can enter an infinite loop due to internal logic that prevents forward progress. Because the archive appears valid and passes checksum validation, affected applications cannot detect the issue prior to processing. This results in persistent CPU resource consumption, causing a denial-of-service condition. Red Hat has published multiple advisories for Red Hat Enterprise Linux 10 and OpenShift Container Platform 4.19, providing updated packages and container images that fix this issue.
Potential Impact
Exploitation of this vulnerability leads to a denial-of-service condition by causing an infinite loop in the decompression process, which continuously consumes CPU resources. There is no impact on confidentiality or integrity. The vulnerability affects services that automatically process RAR5 archives using libarchive, potentially causing service disruption.
Mitigation Recommendations
Red Hat has released security updates and patches for affected products, including Red Hat Enterprise Linux 10 and OpenShift Container Platform 4.19. Users should apply these official fixes promptly by updating to the latest packages and container images available through the appropriate Red Hat channels. For OpenShift Container Platform 4.19, users should upgrade to version 4.19.29 or later as advised in the Red Hat security advisories. Patch status is confirmed as fixed in these updates. No alternative mitigations or workarounds are indicated in the vendor advisories.
CVE-2026-4111: Loop with Unreachable Exit Condition ('Infinite Loop') in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
CVSS v3.1
Score 7.5high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-4111 affects the RAR5 archive decompression logic in the libarchive library, specifically within the archive_read_data() function. When processing a maliciously crafted RAR5 archive, the decompression routine can enter an infinite loop due to internal logic that prevents forward progress. Because the archive appears valid and passes checksum validation, affected applications cannot detect the issue prior to processing. This results in persistent CPU resource consumption, causing a denial-of-service condition. Red Hat has published multiple advisories for Red Hat Enterprise Linux 10 and OpenShift Container Platform 4.19, providing updated packages and container images that fix this issue.
Potential Impact
Exploitation of this vulnerability leads to a denial-of-service condition by causing an infinite loop in the decompression process, which continuously consumes CPU resources. There is no impact on confidentiality or integrity. The vulnerability affects services that automatically process RAR5 archives using libarchive, potentially causing service disruption.
Mitigation Recommendations
Red Hat has released security updates and patches for affected products, including Red Hat Enterprise Linux 10 and OpenShift Container Platform 4.19. Users should apply these official fixes promptly by updating to the latest packages and container images available through the appropriate Red Hat channels. For OpenShift Container Platform 4.19, users should upgrade to version 4.19.29 or later as advised in the Red Hat security advisories. Patch status is confirmed as fixed in these updates. No alternative mitigations or workarounds are indicated in the vendor advisories.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-03-13T11:33:42.645Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Epss Score
- 0.00035
- Epss Percentile
- 0.10223
- Epss Date
- 2026-04-26
- Gcve Source
- db.gcve.eu
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2026:10065","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:5063","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:5080","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:6647","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7093","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7105","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7106","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7239","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7329","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7335","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8423","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8746","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8747","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8748","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8865","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8944","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2026-4111","vendor":"Red Hat"}]
Threat ID: 69b3fc832f860ef943d17f88
Added to database: 3/13/2026, 12:01:07 PM
Last enriched: 6/10/2026, 6:33:14 PM
Last updated: 6/11/2026, 11:06:54 PM
Views: 404
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.