VDB
RHSA-2026%3A8908
RHSA-2026%3A8908
PUBLISHED
CVSS 7.5 HIGH
An update for libarchive is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Enterprise Linux BaseOS E4S (v.8.6) | ||
| bsdtar | ||
| bsdcat | ||
| libarchive | ||
| Red Hat Enterprise Linux BaseOS TUS (v.8.6) | ||
| bsdcpio | ||
| Red Hat Enterprise Linux BaseOS AUS (v.8.6) |
Timeline
- Apr 20, 2026 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2026:8908 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://bugzilla.redhat.com/show_bug.cgi?id=2449006 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2452945 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8908.json advisory