CVE-2026-9150
Analyzed Analyzed - Analysis Complete
Buffer Overflow in libsolv Debian Metadata Parser

Publication date: 2026-05-20

Last updated on: 2026-06-02

Assigner: Red Hat, Inc.

Description
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-20
Last Modified
2026-06-02
Generated
2026-06-10
AI Q&A
2026-05-21
EPSS Evaluated
2026-06-09
NVD
CVE-2026-9150
EUVD
EUVD-2026-31202
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
redhat enterprise_linux 7.0
redhat satellite 6.0
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
redhat enterprise_linux 9.0
redhat update_infrastructure 4
redhat enterprise_linux 10.0
redhat hardened_images *
opensuse libsolv to 0.7.36 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is a stack-based buffer overflow found in libsolv's Debian metadata parser. It occurs when the parser processes specially crafted Debian repository metadata containing malicious SHA384 or SHA512 checksum tags. Exploiting this flaw can cause memory corruption.

Impact Analysis

An attacker exploiting this vulnerability could cause a denial of service (DoS) on the affected system by triggering memory corruption through malicious checksum tags in Debian repository metadata.

Detection Guidance

This vulnerability occurs when libsolv processes specially crafted Debian repository metadata containing malicious SHA384 or SHA512 checksum tags that overflow a fixed-size buffer.

Detection involves monitoring or analyzing the processing of Debian repository metadata, especially Packages files, for abnormal behavior or crashes related to libsolv.

While no specific detection commands are provided, you can check the installed libsolv version to determine if it is vulnerable (versions up to and including 0.7.36 are affected).

  • Check libsolv version: `rpm -q libsolv` (on RPM-based systems) or `dpkg -l | grep libsolv` (on Debian-based systems).
  • Monitor system logs for crashes or memory corruption events related to libsolv when updating or accessing Debian repositories.
  • Use debugging tools like AddressSanitizer or run libsolv with sanitizers enabled to detect buffer overflows during repository metadata parsing.
Mitigation Strategies

Immediate mitigation involves updating libsolv to a fixed version that addresses the buffer overflow by increasing the buffer size and replacing unsafe string operations.

If an update is not immediately available, avoid using untrusted or malicious Debian repository metadata sources, as exploitation requires supplying crafted metadata.

  • Upgrade libsolv to a version later than 0.7.36 where the buffer size has been increased and strcpy replaced with safer functions.
  • Restrict repository metadata sources to trusted and verified repositories only.
  • Monitor for and apply patches or security updates from your distribution or libsolv maintainers promptly.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9150. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart