CVE-2026-5745
Received Received - Intake
NULL Pointer Dereference in libarchive ACL Parsing Causes DoS

Publication date: 2026-04-07

Last updated on: 2026-05-03

Assigner: Red Hat, Inc.

Description
A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-05-03
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-14
NVD
CVE-2026-5745
EUVD
EUVD-2026-19705
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
redhat enterprise_linux 7.0
redhat enterprise_linux 6.0
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
libarchive libarchive *
redhat hardened_images *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability causes a Denial of Service (DoS) by crashing applications using the libarchive API when processing malformed ACL strings. It does not involve unauthorized data access, data leakage, or modification.

Therefore, based on the provided information, this vulnerability does not directly impact compliance with common standards and regulations such as GDPR or HIPAA, which primarily focus on protecting data confidentiality, integrity, and privacy.

Executive Summary

CVE-2026-5745 is a vulnerability in libarchive related to how it parses Access Control List (ACL) strings. Specifically, the function archive_acl_from_text_nl() does not properly validate malformed ACL strings, such as a standalone "d" or "default" tag without the expected following fields. This improper validation causes a NULL pointer dereference when the function advances the pointer incorrectly.

An attacker can exploit this by crafting a malicious archive file that triggers this faulty ACL parsing logic. When an application using the libarchive API (like bsdtar) processes this malicious archive, it can crash due to the NULL pointer dereference, resulting in a Denial of Service (DoS).

Impact Analysis

This vulnerability can cause applications that use libarchive, such as bsdtar, to crash when processing specially crafted malicious archive files. The crash is due to a NULL pointer dereference in the ACL parsing logic, leading to a Denial of Service (DoS) condition.

As a result, systems or services relying on these applications may become unavailable or unstable, potentially disrupting operations or workflows that depend on archive processing.

Detection Guidance

This vulnerability involves a NULL pointer dereference in the ACL parsing logic of libarchive when processing malformed ACL strings in archive files.

Detection can involve monitoring for crashes or Denial of Service (DoS) conditions in applications using libarchive, such as bsdtar, especially when handling archive files.

There are no specific commands provided in the available information to detect this vulnerability directly on your network or system.

Mitigation Strategies

The provided information does not specify immediate mitigation steps for this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5745. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart