
Description

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
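The description above makes two points a defender should act on: the malicious archive passes checksum validation, so input validation alone cannot reject it, and the failure mode is an unbounded CPU spin inside archive_read_data(). The practical mitigation for a service that processes untrusted archives is therefore to bound the CPU time and wall-clock time of every extraction, independent of the archive's contents, so a hung decompressor is killed rather than left consuming a core. The following is an added example and not part of the CVE record or of libarchive itself; it assumes libarchive's bsdtar command is on PATH (the libarchive fix is the pull request referenced below; this wrapper only limits the blast radius of an unpatched copy). The names run_bounded and list_archive are hypothetical.

```python
import resource
import signal
import subprocess


def run_bounded(cmd, cpu_seconds=5, wall_seconds=10):
    """Run cmd in a child process under a hard CPU-time cap and a wall-clock
    timeout.  Returns one of:
      ("ok", exit_code)        the child exited normally
      ("killed", signal_name)  the child died from a signal, e.g. SIGXCPU
                               once it burned cpu_seconds of CPU time
      ("timeout", None)        wall_seconds elapsed (child is killed)
    """
    def limit():
        # Applied in the child just before exec.  When the soft limit is hit
        # the kernel delivers SIGXCPU, whose default action terminates the
        # process, so an infinite loop in the decompressor cannot run forever.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))

    try:
        proc = subprocess.run(
            cmd,
            preexec_fn=limit,
            timeout=wall_seconds,
            capture_output=True,
        )
    except subprocess.TimeoutExpired:
        # subprocess.run() already killed the child for us on timeout.
        return ("timeout", None)

    if proc.returncode < 0:
        return ("killed", signal.Signals(-proc.returncode).name)
    return ("ok", proc.returncode)


def list_archive(path, cpu_seconds=5, wall_seconds=10):
    """List the entries of an archive with bsdtar (libarchive's CLI) under
    the limits above.  Listing still drives the RAR5 reader through the
    same decompression path, so a hostile archive that spins will be cut
    off instead of pinning the worker."""
    return run_bounded(["bsdtar", "-tf", path], cpu_seconds, wall_seconds)


if __name__ == "__main__":
    # Constructed stand-in for a hung decompressor: a shell busy loop.
    print(run_bounded(["sh", "-c", "while :; do :; done"], cpu_seconds=1, wall_seconds=30))
    print(run_bounded(["sleep", "5"], cpu_seconds=5, wall_seconds=1))
    print(run_bounded(["true"]))
```

Both limits are needed: RLIMIT_CPU catches a pure CPU spin such as the one described here, while the wall-clock timeout catches a child that blocks instead of spinning. A "killed" or "timeout" result for an archive that otherwise looks valid is itself a useful detection signal worth logging with the archive's origin.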

Status: PUBLISHED
Reserved: 2026-03-13 | Published: 2026-03-13 | Updated: 2026-03-13 | Assigner: redhat

Severity: HIGH 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Problem types

Loop with Unreachable Exit Condition ('Infinite Loop')

Product status

Default status: affected
Default status: unknown
Default status: affected
Default status: affected
Default status: affected
Default status: affected

Timeline

2026-03-11: Reported to Red Hat.
2026-03-11: Made public.

Credits

Red Hat would like to thank Elhanan Haenel for reporting this issue.

References

access.redhat.com/security/cve/CVE-2026-4111 (vdb-entry)

bugzilla.redhat.com/show_bug.cgi?id=2446453 (RHBZ#2446453, issue-tracking)

github.com/libarchive/libarchive/pull/2877 (fix)

cve.org (CVE-2026-4111)

nvd.nist.gov (CVE-2026-4111)
