CVE-2026-5121: Integer Overflow or Wraparound in Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
AI Analysis
Technical Summary
An integer overflow in the zisofs block pointer allocation logic of libarchive on 32-bit Red Hat Enterprise Linux 7 Extended Lifecycle Support systems allows a remote attacker to cause a heap buffer overflow by supplying a crafted ISO9660 image. This can lead to arbitrary code execution. The vulnerability is tracked as CVE-2026-5121 with a CVSS 3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Red Hat has issued multiple security advisories and updates to address this issue. The vulnerability is not known to be exploited in the wild. The vendor advisories provide updated packages and instructions for remediation.
Potential Impact
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable 32-bit Red Hat Enterprise Linux 7 Extended Lifecycle Support system by providing a malicious ISO9660 image. This compromises the confidentiality of the system (high impact on confidentiality) but does not directly affect integrity or availability according to the CVSS vector. There are no known exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released security advisories with updated libarchive packages that fix this vulnerability. Users of Red Hat Enterprise Linux 7 Extended Lifecycle Support on 32-bit systems should apply the relevant security updates as provided in the Red Hat advisories (e.g., RHSA-2026:10065 and others linked). Patch status is confirmed as fixed by Red Hat. No additional mitigation steps are required beyond applying the official patches.
CVE-2026-5121: Integer Overflow or Wraparound in Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support
Description
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
An integer overflow in the zisofs block pointer allocation logic of libarchive on 32-bit Red Hat Enterprise Linux 7 Extended Lifecycle Support systems allows a remote attacker to cause a heap buffer overflow by supplying a crafted ISO9660 image. This can lead to arbitrary code execution. The vulnerability is tracked as CVE-2026-5121 with a CVSS 3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Red Hat has issued multiple security advisories and updates to address this issue. The vulnerability is not known to be exploited in the wild. The vendor advisories provide updated packages and instructions for remediation.
Potential Impact
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable 32-bit Red Hat Enterprise Linux 7 Extended Lifecycle Support system by providing a malicious ISO9660 image. This compromises the confidentiality of the system (high impact on confidentiality) but does not directly affect integrity or availability according to the CVSS vector. There are no known exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released security advisories with updated libarchive packages that fix this vulnerability. Users of Red Hat Enterprise Linux 7 Extended Lifecycle Support on 32-bit systems should apply the relevant security updates as provided in the Red Hat advisories (e.g., RHSA-2026:10065 and others linked). Patch status is confirmed as fixed by Red Hat. No additional mitigation steps are required beyond applying the official patches.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-03-30T07:39:27.352Z
- Cvss Version
- null
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2026:10065","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8510","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8517","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8521","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8534","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8864","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8866","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8867","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8873","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:8908","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9026","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9592","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2026-5121","vendor":"Red Hat"}]
Threat ID: 69ca2f86e6bfc5ba1dec601f
Added to database: 3/30/2026, 8:08:38 AM
Last enriched: 5/14/2026, 2:27:40 AM
Last updated: 5/14/2026, 11:42:37 AM
Views: 287
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.