Description

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.

INFO

Published Date :

2026-03-30T07:47:28.562Z

Last Modified :

2026-05-07T21:44:13.275Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2026-5121 vulnerability.

Vendors Products
Libarchive
  • Libarchive
Redhat
  • Discovery
  • Enterprise Linux
  • Hardened Images
  • Hummingbird
  • Insights Proxy
  • Openshift
  • Openshift Container Platform
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Eus Long Life
  • Rhel Tus
  • Rhosemc
  • Rhui
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-5121.

URL Resource
https://access.redhat.com/errata/RHSA-2026:10065 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:10097 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11768 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:13812 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:14937 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8510 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8517 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8521 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8534 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8864 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8866 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8867 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8873 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8908 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:8944 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:9026 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:9592 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:9832 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2026-5121 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2452945 cve-icon cve-icon
https://github.com/advisories/GHSA-2vwv-vqpv-v8vc cve-icon cve-icon
https://github.com/libarchive/libarchive/pull/2934 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-5121 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-5121 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact