Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Libarchive Security Update for Linux Systems
RHSA-2026:8865
Summary
A security update is available for libarchive, a library used by various Linux applications to handle archives and compressed files. This update fixes a vulnerability that could allow an attacker to execute malicious code on a system. Linux system administrators should apply this update to ensure their systems are secure.
What to do
- Update redhat bsdcat-debuginfo to version 0:3.7.7-5.el10_0.
- Update redhat bsdcpio-debuginfo to version 0:3.7.7-5.el10_0.
- Update redhat bsdtar to version 0:3.7.7-5.el10_0.
- Update redhat bsdtar-debuginfo to version 0:3.7.7-5.el10_0.
- Update redhat bsdunzip-debuginfo to version 0:3.7.7-5.el10_0.
- Update redhat libarchive to version 0:3.7.7-5.el10_0.
- Update redhat libarchive-debuginfo to version 0:3.7.7-5.el10_0.
- Update redhat libarchive-debugsource to version 0:3.7.7-5.el10_0.
- Update redhat libarchive-devel to version 0:3.7.7-5.el10_0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Red Hat:enterprise_linux_eus:10.0 | redhat | bsdcat-debuginfo |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | bsdcpio-debuginfo |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | bsdtar |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | bsdtar-debuginfo |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | bsdunzip-debuginfo |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | libarchive |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | libarchive-debuginfo |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | libarchive-debugsource |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
| Red Hat:enterprise_linux_eus:10.0 | redhat | libarchive-devel |
< 0:3.7.7-5.el10_0 Fix: upgrade to 0:3.7.7-5.el10_0
|
Original title
Red Hat Security Advisory: libarchive security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2026:8865 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2446453 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2449006 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8865.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2026-4111 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-4111 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-4111 Vendor Advisory
- https://github.com/libarchive/libarchive/pull/2877 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-4424 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-4424 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-4424 Vendor Advisory
- https://github.com/libarchive/libarchive/pull/2898 Third Party Advisory
Published: 20 Apr 2026 · Updated: 30 Apr 2026 · First seen: 30 Apr 2026