CVE-2026-4111: Loop with Unreachable Exit Condition ('Infinite Loop') in Red Hat Red Hat Enterprise Linux 10
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
AI Analysis
Technical Summary
The libarchive library in Red Hat Enterprise Linux 10 and 9 contains a vulnerability (CVE-2026-4111) in the RAR5 decompression logic. Specifically, the archive_read_data() processing path can enter an infinite loop when handling a specially crafted RAR5 archive. This infinite loop causes persistent CPU resource consumption, effectively resulting in a denial-of-service condition. The crafted archive passes checksum validation and appears valid, so affected applications cannot detect the issue prior to processing. Red Hat has issued security advisories RHSA-2026:5063 for RHEL 10 and RHSA-2026:5080 for RHEL 9, providing updated libarchive packages that fix this vulnerability.
Potential Impact
This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by triggering an infinite loop in the libarchive RAR5 decompression routine. The impact is limited to availability, with no confidentiality or integrity effects reported. Services or applications that automatically process RAR5 archives using libarchive may experience persistent CPU resource exhaustion, potentially disrupting normal operations.
Mitigation Recommendations
Red Hat has released official security updates for libarchive in Red Hat Enterprise Linux 10 and 9 that address this vulnerability. Users should apply the updated libarchive packages as detailed in Red Hat advisories RHSA-2026:5063 and RHSA-2026:5080. The advisories provide instructions and links for obtaining and installing the patches. Applying these updates mitigates the infinite loop denial-of-service issue. No additional mitigation steps are indicated by the vendor.
CVE-2026-4111: Loop with Unreachable Exit Condition ('Infinite Loop') in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The libarchive library in Red Hat Enterprise Linux 10 and 9 contains a vulnerability (CVE-2026-4111) in the RAR5 decompression logic. Specifically, the archive_read_data() processing path can enter an infinite loop when handling a specially crafted RAR5 archive. This infinite loop causes persistent CPU resource consumption, effectively resulting in a denial-of-service condition. The crafted archive passes checksum validation and appears valid, so affected applications cannot detect the issue prior to processing. Red Hat has issued security advisories RHSA-2026:5063 for RHEL 10 and RHSA-2026:5080 for RHEL 9, providing updated libarchive packages that fix this vulnerability.
Potential Impact
This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by triggering an infinite loop in the libarchive RAR5 decompression routine. The impact is limited to availability, with no confidentiality or integrity effects reported. Services or applications that automatically process RAR5 archives using libarchive may experience persistent CPU resource exhaustion, potentially disrupting normal operations.
Mitigation Recommendations
Red Hat has released official security updates for libarchive in Red Hat Enterprise Linux 10 and 9 that address this vulnerability. Users should apply the updated libarchive packages as detailed in Red Hat advisories RHSA-2026:5063 and RHSA-2026:5080. The advisories provide instructions and links for obtaining and installing the patches. Applying these updates mitigates the infinite loop denial-of-service issue. No additional mitigation steps are indicated by the vendor.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-03-13T11:33:42.645Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Epss Score
- 0.00035
- Epss Percentile
- 0.10223
- Epss Date
- 2026-04-26
- Gcve Source
- db.gcve.eu
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2026:10065","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:5063","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:5080","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:6647","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7093","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7105","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7106","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7239","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7329","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:7335","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8423","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8746","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8747","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8748","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8865","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8944","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2026-4111","vendor":"Red Hat"}]
Threat ID: 69b3fc832f860ef943d17f88
Added to database: 3/13/2026, 12:01:07 PM
Last enriched: 4/22/2026, 6:17:45 AM
Last updated: 4/27/2026, 4:07:35 PM
Views: 344
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.