CVE-2026-5121
Published: 30 March 2026
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2026-5121 is an integer overflow vulnerability in the zisofs block pointer allocation logic of libarchive, affecting 32-bit systems. The flaw occurs when processing a specially crafted ISO9660 image, triggering a heap buffer overflow. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is associated with CWE-190 (Integer Overflow or Wraparound).
A remote attacker can exploit this vulnerability without privileges or user interaction by supplying a malicious ISO9660 image to an application using libarchive for archive extraction or inspection. Successful exploitation could lead to a heap buffer overflow, potentially enabling arbitrary code execution on the affected system with high confidentiality impact.
Red Hat has addressed this issue through multiple security errata, including RHSA-2026:8510, RHSA-2026:8517, RHSA-2026:8521, RHSA-2026:8534, and RHSA-2026:8864, which provide updated packages with fixes for affected libarchive versions in various Red Hat products.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability allows remote unauthenticated attackers to achieve arbitrary code execution by supplying a malicious ISO9660 image to libarchive-dependent applications, directly mapping to exploitation of public-facing applications.