CVE-2026-4111
Status: Awaiting Analysis - Queue
Infinite Loop DoS in libarchive RAR5 Decompression Logic

Publication date: 2026-03-13

Last updated on: 2026-06-10

Assigner: Red Hat, Inc.

Description
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.
Meta Information
Published
2026-03-13
Last Modified
2026-06-10
Generated
2026-06-16
EPSS Evaluated
2026-06-15
Affected Vendors & Products
Vendor: libarchive
Product: libarchive
Version / Range: * (any version)
CWE
CWE-835: The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Executive Summary

This vulnerability is a flaw in the RAR5 archive decompression logic of the libarchive library, specifically in the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine can enter an infinite loop due to internal logic that prevents forward progress. The archive appears valid and passes checksum validation, so affected applications cannot detect the problem before processing.

Impact Analysis

The vulnerability can cause persistent denial-of-service (DoS) conditions by continuously consuming CPU resources in an infinite loop. This can disrupt services that automatically process RAR5 archives using the libarchive library, potentially leading to service unavailability or degraded performance.

Detection Guidance

This vulnerability occurs during the processing of specially crafted RAR5 archives by the libarchive library, causing an infinite loop that consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing.

Therefore, there are no specific commands or straightforward detection methods to identify this vulnerability on your network or system prior to processing the archive.

Mitigation Strategies

To mitigate this vulnerability, avoid processing untrusted or suspicious RAR5 archives with affected versions of the libarchive library, as the decompression logic can enter an infinite loop causing denial-of-service.

Since the flaw is in the archive_read_data() processing path of libarchive, applying updates or patches from the vendor that address this issue is recommended once available.
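As an added example (not part of this advisory and not libarchive's own code), one practical mitigation for an infinite loop that cannot be detected before processing is to bound the CPU time of the extraction step itself: the wrapper below runs libarchive's bsdtar front end under an RLIMIT_CPU cap with a wall-clock backstop and reports whether the cap fired, so a stuck RAR5 decode is killed and can be logged instead of pinning a core. The bsdtar command line, its presence on PATH, and the chosen limits are assumptions.

```python
"""Added example: run archive extraction under a CPU-time cap so a stuck
decompressor (CWE-835 infinite loop) is killed instead of pinning a core."""
import resource
import signal
import subprocess
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class BoundedResult:
    returncode: Optional[int]  # None when the wall-clock backstop fired
    killed_cpu: bool           # True when RLIMIT_CPU fired (SIGXCPU)
    killed_wall: bool          # True when the wall-clock backstop fired


def _cap_cpu(seconds: int):
    # Runs in the child just before exec: exceeding the soft limit raises
    # SIGXCPU, whose default action terminates the process; the hard limit
    # one second later is the kernel-enforced backstop.
    def preexec() -> None:
        resource.setrlimit(resource.RLIMIT_CPU, (seconds, seconds + 1))
    return preexec


def run_bounded(cmd: List[str], cpu_seconds: int = 30,
                wall_seconds: Optional[int] = None) -> BoundedResult:
    """Run cmd with a CPU-time cap plus a wall-clock backstop (for a child
    that blocks rather than spins). Output is discarded here; callers that
    need it can redirect stdout/stderr to files."""
    wall = wall_seconds if wall_seconds is not None else cpu_seconds * 4
    proc = subprocess.Popen(cmd, stdin=subprocess.DEVNULL,
                            stdout=subprocess.DEVNULL,
                            stderr=subprocess.DEVNULL,
                            preexec_fn=_cap_cpu(cpu_seconds))
    try:
        proc.wait(timeout=wall)
    except subprocess.TimeoutExpired:
        proc.kill()
        proc.wait()
        return BoundedResult(None, False, True)
    rc = proc.returncode  # negative value means "killed by that signal"
    return BoundedResult(rc, rc == -signal.SIGXCPU, False)


def extract_bounded(archive: str, dest: str,
                    cpu_seconds: int = 30) -> BoundedResult:
    # bsdtar is libarchive's command-line front end (assumed to be on PATH);
    # a RAR5 decode that never makes progress is killed at the CPU cap.
    return run_bounded(["bsdtar", "-xf", archive, "-C", dest], cpu_seconds)
```

A result with killed_cpu set is the runtime signal the detection guidance above lacks: it marks the archive and the worker for investigation rather than letting the service stall.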
