CVE-2026-5121

ADVISORY - nist

Summary

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.

EPSS Score: 0.01073 (0.609)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Integer Overflow or Wraparound


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in