PT-2026-43313 · Libsolv · Libsolv

Found By

·

Published

2026-05-26

·

Updated

2026-07-09

·

CVE-2026-48864

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions libsolv (affected versions not specified)
Description A heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file that, when processed by a vulnerable application, leads to out-of-bounds memory access. This may result in information disclosure, alteration of program execution, or a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:28236
ALSA-2026:36730
CVE-2026-48864
RHSA-2026:21333
RHSA-2026:28236

Affected Products

Libsolv