CVE-2026-4111
Infinite Loop DoS in libarchive RAR5 Decompression Logic
Publication date: 2026-03-13
Last updated on: 2026-04-30
Assigner: Red Hat, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| libarchive | libarchive | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-835 | The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the RAR5 archive decompression logic of the libarchive library, specifically in the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine can enter an infinite loop due to internal logic that prevents forward progress. The archive appears valid and passes checksum validation, so affected applications cannot detect the problem before processing.
How can this vulnerability impact me?
The vulnerability can cause persistent denial-of-service (DoS) conditions by continuously consuming CPU resources in an infinite loop. This can disrupt services that automatically process RAR5 archives using the libarchive library, potentially leading to service unavailability or degraded performance.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability occurs during the processing of specially crafted RAR5 archives by the libarchive library, causing an infinite loop that consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing.
Therefore, there are no specific commands or straightforward detection methods to identify this vulnerability on your network or system prior to processing the archive.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid processing untrusted or suspicious RAR5 archives with affected versions of the libarchive library, as the decompression logic can enter an infinite loop causing denial-of-service.
Since the flaw is in the archive_read_data() processing path of libarchive, applying updates or patches from the vendor that address this issue is recommended once available.