CVE-2026-4424: Out-of-bounds Read in Red Hat Red Hat Enterprise Linux 10
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-4424) exists in libarchive's handling of RAR archives on Red Hat Enterprise Linux 10. It is caused by improper validation of the LZSS sliding window size after transitions between compression methods, leading to a heap out-of-bounds read. This flaw allows a remote attacker to cause information disclosure of sensitive heap memory by providing a crafted RAR archive. The vulnerability has a CVSS 3.1 base score of 7.5, indicating high severity with network attack vector, low attack complexity, no privileges required, and no user interaction needed. Red Hat has issued an important security advisory and released updated libarchive packages that fix this issue.
Potential Impact
Successful exploitation of this vulnerability can lead to disclosure of sensitive heap memory information on affected systems running Red Hat Enterprise Linux 10. The vulnerability does not allow code execution or denial of service but can expose potentially sensitive data to unauthenticated remote attackers. The CVSS score of 7.5 reflects a high severity impact primarily due to confidentiality loss via a network vector without requiring privileges or user interaction.
Mitigation Recommendations
Red Hat has released an important security update for libarchive in Red Hat Enterprise Linux 10 that addresses CVE-2026-4424. Users should apply the updated libarchive packages as provided in the Red Hat advisory RHSA-2026:8492 to remediate this vulnerability. Detailed update instructions are available at https://access.redhat.com/articles/11258. No other mitigations are indicated or required beyond applying the official patch.
CVE-2026-4424: Out-of-bounds Read in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-4424) exists in libarchive's handling of RAR archives on Red Hat Enterprise Linux 10. It is caused by improper validation of the LZSS sliding window size after transitions between compression methods, leading to a heap out-of-bounds read. This flaw allows a remote attacker to cause information disclosure of sensitive heap memory by providing a crafted RAR archive. The vulnerability has a CVSS 3.1 base score of 7.5, indicating high severity with network attack vector, low attack complexity, no privileges required, and no user interaction needed. Red Hat has issued an important security advisory and released updated libarchive packages that fix this issue.
Potential Impact
Successful exploitation of this vulnerability can lead to disclosure of sensitive heap memory information on affected systems running Red Hat Enterprise Linux 10. The vulnerability does not allow code execution or denial of service but can expose potentially sensitive data to unauthenticated remote attackers. The CVSS score of 7.5 reflects a high severity impact primarily due to confidentiality loss via a network vector without requiring privileges or user interaction.
Mitigation Recommendations
Red Hat has released an important security update for libarchive in Red Hat Enterprise Linux 10 that addresses CVE-2026-4424. Users should apply the updated libarchive packages as provided in the Red Hat advisory RHSA-2026:8492 to remediate this vulnerability. Detailed update instructions are available at https://access.redhat.com/articles/11258. No other mitigations are indicated or required beyond applying the official patch.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-03-19T12:23:38.191Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2026:10065","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8492","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8510","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8517","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8521","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8534","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8864","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8865","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8866","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8867","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8873","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8908","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8944","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9026","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9592","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2026-4424","vendor":"Red Hat"}]
Threat ID: 69bc0726e32a4fbe5fca2029
Added to database: 3/19/2026, 2:24:38 PM
Last enriched: 4/24/2026, 3:40:45 PM
Last updated: 5/1/2026, 2:42:11 PM
Views: 141
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.