Suggestions search

All statuses

Filter by:

With package: perl540Packages.ArchiveLibarchiveExtract

Found 2 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2026-4424

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 2 months ago Activity log

Created suggestion 2 months ago

Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.

References

https://access.redhat.com/security/cve/CVE-2026-4424 vdb-entryx_refsource_REDHAT
RHBZ#2449006 issue-trackingx_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2898

Affected products

rhcos

libarchive

Matching in nixpkgs

pkgs.libarchive

Multi-format archive and compression library

nixos-unstable 3.8.4
- nixpkgs-unstable 3.8.4
- nixos-unstable-small 3.8.4
nixos-25.11 3.8.4
- nixos-25.11-small 3.8.4
- nixpkgs-25.11-darwin 3.8.4

pkgs.libarchive-qt

Qt based archiving solution with libarchive backend

nixos-unstable 2.0.8
- nixpkgs-unstable 2.0.8
- nixos-unstable-small 2.0.8
nixos-25.11 2.0.8
- nixos-25.11-small 2.0.8
- nixpkgs-25.11-darwin 2.0.8

pkgs.haskellPackages.libarchive

Haskell interface to libarchive

nixos-unstable 3.0.5.0
- nixpkgs-unstable 3.0.5.0
- nixos-unstable-small 3.0.5.0
nixos-25.11 3.0.4.2
- nixos-25.11-small 3.0.4.2
- nixpkgs-25.11-darwin 3.0.4.2

pkgs.kodiPackages.vfs-libarchive

LibArchive Virtual Filesystem add-on for Kodi

nixos-unstable 20.1.0
- nixpkgs-unstable 20.1.0
- nixos-unstable-small 20.1.0
nixos-25.11 20.1.0
- nixos-25.11-small 20.1.0
- nixpkgs-25.11-darwin 20.1.0

pkgs.perlPackages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-unstable 0.09
- nixpkgs-unstable 0.09
- nixos-unstable-small 0.09
nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.python312Packages.libarchive-c

Python interface to libarchive

nixos-25.11 5.3
- nixos-25.11-small 5.3
- nixpkgs-25.11-darwin 5.3

pkgs.python313Packages.libarchive-c

Python interface to libarchive

nixos-unstable 5.3
- nixpkgs-unstable 5.3
- nixos-unstable-small 5.3
nixos-25.11 5.3
- nixos-25.11-small 5.3
- nixpkgs-25.11-darwin 5.3

pkgs.python314Packages.libarchive-c

Python interface to libarchive

nixos-unstable 5.3
- nixpkgs-unstable 5.3
- nixos-unstable-small 5.3

pkgs.haskellPackages.libarchive-clib

Haskell interface to libarchive (C sources)

nixos-unstable 3.8.5
- nixpkgs-unstable 3.8.5
- nixos-unstable-small 3.8.5

pkgs.perl5Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-unstable 0.09
- nixpkgs-unstable 0.09
- nixos-unstable-small 0.09

pkgs.perl538Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.perl540Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.haskellPackages.archive-libarchive

Common interface using libarchive

nixos-unstable 1.0.0.1
- nixpkgs-unstable 1.0.0.1
- nixos-unstable-small 1.0.0.1
nixos-25.11 1.0.0.1
- nixos-25.11-small 1.0.0.1
- nixpkgs-25.11-darwin 1.0.0.1

pkgs.haskellPackages.libarchive-conduit

Read many archive formats with libarchive and conduit

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.perlPackages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04
nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perlPackages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-unstable 0.02
- nixpkgs-unstable 0.02
- nixos-unstable-small 0.02
nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perl5Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04

pkgs.perl5Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-unstable 0.02
- nixpkgs-unstable 0.02
- nixos-unstable-small 0.02

pkgs.perl538Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perl538Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perl540Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perl540Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perlPackages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03
nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl5Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03

pkgs.perl538Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl540Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.python312Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-25.11 21.5.31
- nixos-25.11-small 21.5.31
- nixpkgs-25.11-darwin 21.5.31

pkgs.python313Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable 21.5.31
- nixpkgs-unstable 21.5.31
- nixos-unstable-small 21.5.31
nixos-25.11 21.5.31
- nixos-25.11-small 21.5.31
- nixpkgs-25.11-darwin 21.5.31

pkgs.python314Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable 21.5.31
- nixpkgs-unstable 21.5.31
- nixos-unstable-small 21.5.31

Package maintainers

@dschrempf Dominik Schrempf <dominik.schrempf@gmail.com>
@minijackson Rémi Nicole <minijackson@riseup.net>
@sephalon Stefan Wiehler <me@sephalon.net>
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@nvmd Sergey Kazenyuk <kazenyuk@pm.me>
@aanderse Aaron Andersen <aaron@fosslib.net>
@cpages Carles Pagès <page@ruiec.cat>
@jcumming Jack Cummings <jack@mudshark.org>
@dan4ik605743 Danil Danevich <6057430gu@gmail.com>
@TomaSajt TomaSajt

Untriaged

Permalink CVE-2026-4426

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 2 months ago Activity log

Created suggestion 2 months ago

Libarchive: libarchive: denial of service via malformed iso file processing

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.

References

https://access.redhat.com/security/cve/CVE-2026-4426 vdb-entryx_refsource_REDHAT
RHBZ#2449010 issue-trackingx_refsource_REDHAT
https://github.com/libarchive/libarchive/pull/2897

Affected products

rhcos

libarchive

Matching in nixpkgs

pkgs.libarchive

Multi-format archive and compression library

nixos-unstable 3.8.4
- nixpkgs-unstable 3.8.4
- nixos-unstable-small 3.8.4
nixos-25.11 3.8.4
- nixos-25.11-small 3.8.4
- nixpkgs-25.11-darwin 3.8.4

pkgs.libarchive-qt

Qt based archiving solution with libarchive backend

nixos-unstable 2.0.8
- nixpkgs-unstable 2.0.8
- nixos-unstable-small 2.0.8
nixos-25.11 2.0.8
- nixos-25.11-small 2.0.8
- nixpkgs-25.11-darwin 2.0.8

pkgs.haskellPackages.libarchive

Haskell interface to libarchive

nixos-unstable 3.0.5.0
- nixpkgs-unstable 3.0.5.0
- nixos-unstable-small 3.0.5.0
nixos-25.11 3.0.4.2
- nixos-25.11-small 3.0.4.2
- nixpkgs-25.11-darwin 3.0.4.2

pkgs.kodiPackages.vfs-libarchive

LibArchive Virtual Filesystem add-on for Kodi

nixos-unstable 20.1.0
- nixpkgs-unstable 20.1.0
- nixos-unstable-small 20.1.0
nixos-25.11 20.1.0
- nixos-25.11-small 20.1.0
- nixpkgs-25.11-darwin 20.1.0

pkgs.perlPackages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-unstable 0.09
- nixpkgs-unstable 0.09
- nixos-unstable-small 0.09
nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.python312Packages.libarchive-c

Python interface to libarchive

nixos-25.11 5.3
- nixos-25.11-small 5.3
- nixpkgs-25.11-darwin 5.3

pkgs.python313Packages.libarchive-c

Python interface to libarchive

nixos-unstable 5.3
- nixpkgs-unstable 5.3
- nixos-unstable-small 5.3
nixos-25.11 5.3
- nixos-25.11-small 5.3
- nixpkgs-25.11-darwin 5.3

pkgs.python314Packages.libarchive-c

Python interface to libarchive

nixos-unstable 5.3
- nixpkgs-unstable 5.3
- nixos-unstable-small 5.3

pkgs.haskellPackages.libarchive-clib

Haskell interface to libarchive (C sources)

nixos-unstable 3.8.5
- nixpkgs-unstable 3.8.5
- nixos-unstable-small 3.8.5

pkgs.perl5Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-unstable 0.09
- nixpkgs-unstable 0.09
- nixos-unstable-small 0.09

pkgs.perl538Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.perl540Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

nixos-25.11 0.09
- nixos-25.11-small 0.09
- nixpkgs-25.11-darwin 0.09

pkgs.haskellPackages.archive-libarchive

Common interface using libarchive

nixos-unstable 1.0.0.1
- nixpkgs-unstable 1.0.0.1
- nixos-unstable-small 1.0.0.1
nixos-25.11 1.0.0.1
- nixos-25.11-small 1.0.0.1
- nixpkgs-25.11-darwin 1.0.0.1

pkgs.haskellPackages.libarchive-conduit

Read many archive formats with libarchive and conduit

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.perlPackages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04
nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perlPackages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-unstable 0.02
- nixpkgs-unstable 0.02
- nixos-unstable-small 0.02
nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perl5Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04

pkgs.perl5Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-unstable 0.02
- nixpkgs-unstable 0.02
- nixos-unstable-small 0.02

pkgs.perl538Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perl538Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perl540Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perl540Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

nixos-25.11 0.02
- nixos-25.11-small 0.02
- nixpkgs-25.11-darwin 0.02

pkgs.perlPackages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03
nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl5Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03

pkgs.perl538Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl540Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.python312Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-25.11 21.5.31
- nixos-25.11-small 21.5.31
- nixpkgs-25.11-darwin 21.5.31

pkgs.python313Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable 21.5.31
- nixpkgs-unstable 21.5.31
- nixos-unstable-small 21.5.31
nixos-25.11 21.5.31
- nixos-25.11-small 21.5.31
- nixpkgs-25.11-darwin 21.5.31

pkgs.python314Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

nixos-unstable 21.5.31
- nixpkgs-unstable 21.5.31
- nixos-unstable-small 21.5.31

Package maintainers

@dschrempf Dominik Schrempf <dominik.schrempf@gmail.com>
@minijackson Rémi Nicole <minijackson@riseup.net>
@sephalon Stefan Wiehler <me@sephalon.net>
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@nvmd Sergey Kazenyuk <kazenyuk@pm.me>
@aanderse Aaron Andersen <aaron@fosslib.net>
@cpages Carles Pagès <page@ruiec.cat>
@jcumming Jack Cummings <jack@mudshark.org>
@dan4ik605743 Danil Danevich <6057430gu@gmail.com>
@TomaSajt TomaSajt