{"schema_version":"1.7.2","id":"OESA-2026-2634","modified":"2026-06-12T12:25:31Z","published":"2026-06-12T12:25:31Z","upstream":["CVE-2026-48863","CVE-2026-9149","CVE-2026-9150"],"summary":"libsolv security update","details":"A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks:\r\n\r\nSecurity Fix(es):\n\nA flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processing this crafted signature could lead to a denial of service in automated package or repository processing workflows.(CVE-2026-48863)\n\nA flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS).(CVE-2026-9149)\n\nA flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.(CVE-2026-9150)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS-SP1","name":"libsolv","purl":"pkg:rpm/openEuler/libsolv&distro=openEuler-24.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.7.24-5.oe2403sp1"}]}],"ecosystem_specific":{"aarch64":["libsolv-0.7.24-5.oe2403sp1.aarch64.rpm","libsolv-debuginfo-0.7.24-5.oe2403sp1.aarch64.rpm","libsolv-debugsource-0.7.24-5.oe2403sp1.aarch64.rpm","libsolv-demo-0.7.24-5.oe2403sp1.aarch64.rpm","libsolv-devel-0.7.24-5.oe2403sp1.aarch64.rpm","libsolv-tools-0.7.24-5.oe2403sp1.aarch64.rpm","perl-solv-0.7.24-5.oe2403sp1.aarch64.rpm","python3-solv-0.7.24-5.oe2403sp1.aarch64.rpm","ruby-solv-0.7.24-5.oe2403sp1.aarch64.rpm"],"noarch":["libsolv-help-0.7.24-5.oe2403sp1.noarch.rpm"],"src":["libsolv-0.7.24-5.oe2403sp1.src.rpm"],"x86_64":["libsolv-0.7.24-5.oe2403sp1.x86_64.rpm","libsolv-debuginfo-0.7.24-5.oe2403sp1.x86_64.rpm","libsolv-debugsource-0.7.24-5.oe2403sp1.x86_64.rpm","libsolv-demo-0.7.24-5.oe2403sp1.x86_64.rpm","libsolv-devel-0.7.24-5.oe2403sp1.x86_64.rpm","libsolv-tools-0.7.24-5.oe2403sp1.x86_64.rpm","perl-solv-0.7.24-5.oe2403sp1.x86_64.rpm","python3-solv-0.7.24-5.oe2403sp1.x86_64.rpm","ruby-solv-0.7.24-5.oe2403sp1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2634"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48863"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9149"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9150"}],"database_specific":{"severity":"High"}}