RHSA-2026:8944HighCVSS 7.5
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
🔗 CVE IDs covered (6)
📋 Description
CVE-2025-60753 — libarchive: bsdtar hangs and OOMs with zero-length pattern matches CVE-2026-4111 — libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive CVE-2026-4424 — libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4426 — libarchive: libarchive: Denial of Service via malformed ISO file processing CVE-2026-5121 — libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVE-2026-5745 — libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2026:8944
- externalhttps://images.redhat.com/
- externalhttps://access.redhat.com/security/cve/CVE-2025-60753
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://access.redhat.com/security/cve/CVE-2026-4424
- externalhttps://access.redhat.com/security/cve/CVE-2026-4111
- externalhttps://access.redhat.com/security/cve/CVE-2026-5121
- externalhttps://access.redhat.com/security/cve/CVE-2026-5745
- externalhttps://access.redhat.com/security/cve/CVE-2026-4426
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8944.json