Stay Secure with the Latest Linux Advisories

security advisoryDoSimportant

Rocky Linux 9 libarchive Security Alert RLSA-2026-5100 CVE-2026-4130

Important: libarchive security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:5080", "synopsis": "Important: libarchive security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libarchive.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive (CVE-2026-4111)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2446453", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2446453", "description": ""}], "cves": [{"name": "CVE-2026-4111", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4111", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-835"}], "references": [], "publishedAt": "2026-03-26T18:03:52.468416Z", "rpms": {"Rocky Linux 9": {"nvras": ["bsdtar-0:3.5.3-7.el9_7.aarch64.rpm", "bsdtar-0:3.5.3-7.el9_7.ppc64le.rpm", "bsdtar-0:3.5.3-7.el9_7.s390x.rpm", "bsdtar-0:3.5.3-7.el9_7.x86_64.rpm", "bsdtar-debuginfo-0:3.5.3-7.el9_7.aarch64.rpm", "bsdtar-debuginfo-0:3.5.3-7.el9_7.ppc64le.rpm", "bsdtar-debuginfo-0:3.5.3-7.el9_7.s390x.rpm", "bsdtar-debuginfo-0:3.5.3-7.el9_7.x86_64.rpm", "libarchive-0:3.5.3-7.el9_7.aarch64.rpm","libarchive-0:3.5.3-7.el9_7.i686.rpm", "libarchive-0:3.5.3-7.el9_7.ppc64le.rpm", "libarchive-0:3.5.3-7.el9_7.s390x.rpm", "libarchive-0:3.5.3-7.el9_7.src.rpm", "libarchive-0:3.5.3-7.el9_7.x86_64.rpm", "libarchive-debuginfo-0:3.5.3-7.el9_7.aarch64.rpm", "libarchive-debuginfo-0:3.5.3-7.el9_7.i686.rpm", "libarchive-debuginfo-0:3.5.3-7.el9_7.ppc64le.rpm", "libarchive-debuginfo-0:3.5.3-7.el9_7.s390x.rpm", "libarchive-debuginfo-0:3.5.3-7.el9_7.x86_64.rpm", "libarchive-debugsource-0:3.5.3-7.el9_7.aarch64.rpm", "libarchive-debugsource-0:3.5.3-7.el9_7.i686.rpm", "libarchive-debugsource-0:3.5.3-7.el9_7.ppc64le.rpm", "libarchive-debugsource-0:3.5.3-7.el9_7.s390x.rpm", "libarchive-debugsource-0:3.5.3-7.el9_7.x86_64.rpm", "libarchive-devel-0:3.5.3-7.el9_7.aarch64.rpm", "libarchive-devel-0:3.5.3-7.el9_7.i686.rpm", "libarchive-devel-0:3.5.3-7.el9_7.ppc64le.rpm", "libarchive-devel-0:3.5.3-7.el9_7.s390x.rpm", "libarchive-devel-0:3.5.3-7.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. libarchive faces critical update for important security issues in Rocky Linux 9, addressing denial of service threats promptly.. Rocky Linux, libarchive update, security fix. . Severity: Important. LinuxSecurity.com Team

Mar 26, 2026 •Important Rocky Linux