CVE-2026-9150

Published: Mag 21, 2026 Last Modified: Mag 21, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.

121

Stack-based Buffer Overflow

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality Access Control Other
Potential Impacts:
Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other
Applicable Platforms
Languages: Memory-Unsafe, C, C++
Likelihood of Exploit: High
View CWE Details
https://access.redhat.com/security/cve/CVE-2026-9150
https://access.redhat.com/security/cve/CVE-2026-9150
https://bugzilla.redhat.com/show_bug.cgi?id=2460379
https://bugzilla.redhat.com/show_bug.cgi?id=2460379
https://github.com/openSUSE/libsolv/pull/616
https://github.com/openSUSE/libsolv/pull/616