Unrated severityNVD Advisory· Published Mar 28, 2022· Updated Nov 3, 2025
CVE-2022-26280
CVE-2022-26280
Description
Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12(expand)+ 1 more
- (no CPE)
- (no CPE)range: =3.6.0
- osv-coords10 versionspkg:rpm/almalinux/bsdtarpkg:rpm/almalinux/libarchivepkg:rpm/almalinux/libarchive-develpkg:rpm/opensuse/bsdtar&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/libarchive&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libarchive&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4
< 3.5.3-2.el9_0+ 9 more
- (no CPE)range: < 3.5.3-2.el9_0
- (no CPE)range: < 3.5.3-2.el9_0
- (no CPE)range: < 3.5.3-2.el9_0
- (no CPE)range: < 3.7.2-1.1
- (no CPE)range: < 3.4.2-150200.4.6.1
- (no CPE)range: < 3.5.1-150400.3.3.1
- (no CPE)range: < 3.4.2-150200.4.6.1
- (no CPE)range: < 3.5.1-150400.3.3.1
- (no CPE)range: < 3.4.2-150200.4.6.1
- (no CPE)range: < 3.5.1-150400.3.3.1
Patches
Vulnerability mechanics
References
3- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBYGJICQ7FKDZ2IIOAH423IHWQ6MNONQ/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202208-26mitrevendor-advisoryx_refsource_GENTOO
- github.com/libarchive/libarchive/issues/1672mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.