Skip to main content

Libsolv

11 CVEs product

Monthly

CVE-2026-48863 HIGH PATCH This Week

Denial of service in libsolv's PGP signature verification (solv_pgpvrfy) allows remote attackers to crash automated package and repository processing by supplying a crafted Ed25519 signature. The flaw is a stack-based buffer overflow (CWE-121) triggered when the EdDSA 's' MPI is copied into a fixed 64-byte stack buffer using an attacker-controlled mismatched length. It affects the libsolv dependency solver embedded in Red Hat Enterprise Linux 7/8/9/10, OpenShift, Satellite, RHUI, openSUSE/SUSE, Ubuntu and Debian; no public exploit identified at time of analysis and it is not in CISA KEV.

Buffer Overflow Stack Overflow Denial Of Service Libsolv Red Hat Enterprise Linux 10 +11
NVD GitHub VulDB
CVSS 3.1
7.5
CVE-2026-9149 MEDIUM PATCH This Month

Heap-based buffer overflow in libsolv's repo_add_solv() function enables a remote unauthenticated attacker to crash the parsing process by delivering a specially crafted .solv repository metadata file containing negative values in the maxsize or allsize header fields. The malformed values bypass allocation sizing logic, producing an undersized heap buffer that is subsequently written past its bounds, yielding a denial of service. No public exploit identified at time of analysis; however, an upstream fix has been submitted via openSUSE/libsolv GitHub PR #617, and Red Hat has acknowledged the issue via a dedicated security advisory.

Denial Of Service Buffer Overflow Heap Overflow Libsolv Hardened Images +4
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-9150 MEDIUM PATCH This Month

Stack-based buffer overflow in libsolv's Debian metadata parser allows remote, unauthenticated attackers to cause a denial of service by serving maliciously crafted Debian repository metadata containing SHA384 or SHA512 checksum tags. The root cause, confirmed by the GitHub PR #616 diff, is a statically allocated 65-byte stack buffer in `ext/repo_deb.c` sized only for SHA256 digests, which is overflowed by the larger SHA384 (96 hex chars) and SHA512 (128 hex chars) values. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis; an upstream fix is available as an open pull request.

Debian Denial Of Service Stack Overflow Buffer Overflow Libsolv +5
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2021-33938 HIGH POC This Week

Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-33930 HIGH POC This Week

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-33929 HIGH POC This Week

Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-33928 HIGH POC This Week

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-3200 LOW POC PATCH Monitor

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Libsolv Communications Cloud Native Core Policy
NVD GitHub
CVSS 3.1
3.3
EPSS
1.3%
CVE-2018-20534 MEDIUM POC PATCH This Month

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Libsolv Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-20533 MEDIUM POC PATCH This Month

There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Libsolv Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-20532 MEDIUM POC PATCH This Month

There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Libsolv Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.1%
CVSS 7.5
HIGH PATCH This Week

Denial of service in libsolv's PGP signature verification (solv_pgpvrfy) allows remote attackers to crash automated package and repository processing by supplying a crafted Ed25519 signature. The flaw is a stack-based buffer overflow (CWE-121) triggered when the EdDSA 's' MPI is copied into a fixed 64-byte stack buffer using an attacker-controlled mismatched length. It affects the libsolv dependency solver embedded in Red Hat Enterprise Linux 7/8/9/10, OpenShift, Satellite, RHUI, openSUSE/SUSE, Ubuntu and Debian; no public exploit identified at time of analysis and it is not in CISA KEV.

Buffer Overflow Stack Overflow Denial Of Service +13
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Heap-based buffer overflow in libsolv's repo_add_solv() function enables a remote unauthenticated attacker to crash the parsing process by delivering a specially crafted .solv repository metadata file containing negative values in the maxsize or allsize header fields. The malformed values bypass allocation sizing logic, producing an undersized heap buffer that is subsequently written past its bounds, yielding a denial of service. No public exploit identified at time of analysis; however, an upstream fix has been submitted via openSUSE/libsolv GitHub PR #617, and Red Hat has acknowledged the issue via a dedicated security advisory.

Denial Of Service Buffer Overflow Heap Overflow +6
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Stack-based buffer overflow in libsolv's Debian metadata parser allows remote, unauthenticated attackers to cause a denial of service by serving maliciously crafted Debian repository metadata containing SHA384 or SHA512 checksum tags. The root cause, confirmed by the GitHub PR #616 diff, is a statically allocated 65-byte stack buffer in `ext/repo_deb.c` sized only for SHA256 digests, which is overflowed by the larger SHA384 (96 hex chars) and SHA512 (128 hex chars) values. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis; an upstream fix is available as an open pull request.

Debian Denial Of Service Stack Overflow +7
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Libsolv +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Libsolv +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Libsolv +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Libsolv +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy