CVE-2026-4426: Incorrect Bitwise Shift of Integer in Red Hat Red Hat Hardened Images
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.
AI Analysis
Technical Summary
This vulnerability in libarchive's zisofs decompression arises from improper validation of the pz_log2_bs field in ISO9660 Rock Ridge extensions, leading to undefined behavior. Exploitation via a crafted ISO file can cause incorrect memory allocation and application crashes, resulting in denial-of-service. The issue affects Red Hat Hardened Images and is tracked as CVE-2026-4426 with a CVSS 3.1 score of 6.5 (medium severity). Red Hat has issued a security advisory (RHSA-2026:8944) providing updated RPM packages including libarchive 3.8.7-1.hum1 to fix the flaw.
Potential Impact
Successful exploitation can cause denial-of-service conditions by crashing applications that process malicious ISO files using the vulnerable libarchive component. There is no indication of confidentiality or integrity impact. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Red Hat has released an official security update (RHSA-2026:8944) that fixes this vulnerability in libarchive version 3.8.7-1.hum1 and related RPMs for Red Hat Hardened Images. Users should apply these updates promptly to remediate the issue. Patch status is confirmed by Red Hat advisories. No additional mitigation steps are indicated.
CVE-2026-4426: Incorrect Bitwise Shift of Integer in Red Hat Red Hat Hardened Images
Description
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.
CVSS v3.1
Score 6.5medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in libarchive's zisofs decompression arises from improper validation of the pz_log2_bs field in ISO9660 Rock Ridge extensions, leading to undefined behavior. Exploitation via a crafted ISO file can cause incorrect memory allocation and application crashes, resulting in denial-of-service. The issue affects Red Hat Hardened Images and is tracked as CVE-2026-4426 with a CVSS 3.1 score of 6.5 (medium severity). Red Hat has issued a security advisory (RHSA-2026:8944) providing updated RPM packages including libarchive 3.8.7-1.hum1 to fix the flaw.
Potential Impact
Successful exploitation can cause denial-of-service conditions by crashing applications that process malicious ISO files using the vulnerable libarchive component. There is no indication of confidentiality or integrity impact. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Red Hat has released an official security update (RHSA-2026:8944) that fixes this vulnerability in libarchive version 3.8.7-1.hum1 and related RPMs for Red Hat Hardened Images. Users should apply these updates promptly to remediate the issue. Patch status is confirmed by Red Hat advisories. No additional mitigation steps are indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-03-19T12:43:31.427Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2026:8944","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2026-4426","vendor":"Red Hat"}]
Threat ID: 69bc0726e32a4fbe5fca202e
Added to database: 3/19/2026, 2:24:38 PM
Last enriched: 5/4/2026, 1:55:10 AM
Last updated: 6/18/2026, 12:34:30 AM
Views: 155
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.